TSK-349 Mandatory read permission is not checked in WorkbasketQuery if another permission is used as condition
This commit is contained in:
BerndBreier
Holger Hagen
parent
98a3bd34ba
commit
ff77d6a2f0
|
|
@ -203,7 +203,12 @@ public interface QueryMapper {
|
||||||
@Select("<script>"
|
@Select("<script>"
|
||||||
+ "SELECT DISTINCT "
|
+ "SELECT DISTINCT "
|
||||||
+ "w.ID, w.KEY, w.NAME, w.DOMAIN, W.TYPE, w.DESCRIPTION, w.OWNER, w.ORG_LEVEL_1, w.ORG_LEVEL_2, w.ORG_LEVEL_3, w.ORG_LEVEL_4 from WORKBASKET w "
|
+ "w.ID, w.KEY, w.NAME, w.DOMAIN, W.TYPE, w.DESCRIPTION, w.OWNER, w.ORG_LEVEL_1, w.ORG_LEVEL_2, w.ORG_LEVEL_3, w.ORG_LEVEL_4 from WORKBASKET w "
|
||||||
+ "LEFT OUTER JOIN WORKBASKET_ACCESS_LIST a on (w.ID = a.WORKBASKET_ID AND a.ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>))"
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, max(PERM_READ) as MAX_READ, max(PERM_OPEN) as MAX_OPEN, "
|
||||||
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
|
+ "FROM WORKBASKET_ACCESS_LIST where ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>) group by WORKBASKET_ID ) a "
|
||||||
|
+ "on (w.ID = a.WID)"
|
||||||
+ "<where>"
|
+ "<where>"
|
||||||
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
||||||
|
|
@ -234,25 +239,25 @@ public interface QueryMapper {
|
||||||
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
||||||
+ "AND (PERM_READ = 1 "
|
+ "AND (a.MAX_READ = 1 "
|
||||||
+ "<if test='permission != null'>OR "
|
+ "<if test='permission != null'>AND "
|
||||||
+ "<if test=\"permission.name().equals('READ')\">PERM_READ</if> "
|
+ "<if test=\"permission.name().equals('READ')\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name().equals('OPEN')\">PERM_OPEN</if> "
|
+ "<if test=\"permission.name().equals('OPEN')\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name().equals('APPEND')\">PERM_APPEND</if>"
|
+ "<if test=\"permission.name().equals('APPEND')\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
|
+ "<if test=\"permission.name().equals('TRANSFER')\">a.MAX_TRANSFER</if>"
|
||||||
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
|
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">a.MAX_DISTRIBUTE</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_1')\">a.MAX_CUSTOM_1</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_2')\">a.MAX_CUSTOM_2</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_3')\">a.MAX_CUSTOM_3</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_4')\">a.MAX_CUSTOM_4</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_5')\">a.MAX_CUSTOM_5</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_6')\">a.MAX_CUSTOM_6</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_7')\">a.MAX_CUSTOM_7</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_8')\">a.MAX_CUSTOM_8</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_9')\">a.MAX_CUSTOM_9</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_10')\">a.MAX_CUSTOM_10</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_11')\">a.MAX_CUSTOM_11</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
|
+ "<if test=\"permission.name().equals('CUSTOM_12')\">a.MAX_CUSTOM_12</if> = 1 "
|
||||||
+ "</if>)"
|
+ "</if>)"
|
||||||
+ "</where>"
|
+ "</where>"
|
||||||
+ "<if test='!orderBy.isEmpty()'>ORDER BY <foreach item='orderItem' collection='orderBy' separator=',' >${orderItem}</foreach></if> "
|
+ "<if test='!orderBy.isEmpty()'>ORDER BY <foreach item='orderItem' collection='orderBy' separator=',' >${orderItem}</foreach></if> "
|
||||||
|
|
@ -424,7 +429,12 @@ public interface QueryMapper {
|
||||||
|
|
||||||
@Select("<script>"
|
@Select("<script>"
|
||||||
+ "SELECT COUNT(w.ID) from WORKBASKET w "
|
+ "SELECT COUNT(w.ID) from WORKBASKET w "
|
||||||
+ "LEFT OUTER JOIN WORKBASKET_ACCESS_LIST a on (w.ID = a.WORKBASKET_ID AND a.ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>))"
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, max(PERM_READ) as MAX_READ, max(PERM_OPEN) as MAX_OPEN, "
|
||||||
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
|
+ "FROM WORKBASKET_ACCESS_LIST where ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>) group by WORKBASKET_ID ) a "
|
||||||
|
+ "on (w.ID = a.WID)"
|
||||||
+ "<where>"
|
+ "<where>"
|
||||||
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
||||||
|
|
@ -455,25 +465,25 @@ public interface QueryMapper {
|
||||||
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
||||||
+ "AND (PERM_READ = 1 "
|
+ "AND (a.MAX_READ = 1 "
|
||||||
+ "<if test='permission != null'>OR "
|
+ "<if test='permission != null'>AND "
|
||||||
+ "<if test=\"permission.name().equals('READ')\">PERM_READ</if> "
|
+ "<if test=\"permission.name().equals('READ')\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name().equals('OPEN')\">PERM_OPEN</if> "
|
+ "<if test=\"permission.name().equals('OPEN')\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name().equals('APPEND')\">PERM_APPEND</if>"
|
+ "<if test=\"permission.name().equals('APPEND')\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
|
+ "<if test=\"permission.name().equals('TRANSFER')\">a.MAX_TRANSFER</if>"
|
||||||
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
|
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">a.MAX_DISTRIBUTE</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_1')\">a.MAX_CUSTOM_1</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_2')\">a.MAX_CUSTOM_2</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_3')\">a.MAX_CUSTOM_3</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_4')\">a.MAX_CUSTOM_4</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_5')\">a.MAX_CUSTOM_5</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_6')\">a.MAX_CUSTOM_6</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_7')\">a.MAX_CUSTOM_7</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_8')\">a.MAX_CUSTOM_8</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_9')\">a.MAX_CUSTOM_9</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_10')\">a.MAX_CUSTOM_10</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_11')\">a.MAX_CUSTOM_11</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
|
+ "<if test=\"permission.name().equals('CUSTOM_12')\">a.MAX_CUSTOM_12</if> = 1 "
|
||||||
+ "</if>)"
|
+ "</if>)"
|
||||||
+ "</where>"
|
+ "</where>"
|
||||||
+ "</script>")
|
+ "</script>")
|
||||||
|
|
@ -609,7 +619,12 @@ public interface QueryMapper {
|
||||||
|
|
||||||
@Select("<script>SELECT DISTINCT ${columnName} "
|
@Select("<script>SELECT DISTINCT ${columnName} "
|
||||||
+ "FROM WORKBASKET w "
|
+ "FROM WORKBASKET w "
|
||||||
+ "LEFT OUTER JOIN WORKBASKET_ACCESS_LIST a on (w.ID = a.WORKBASKET_ID AND a.ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>))"
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, max(PERM_READ) as MAX_READ, max(PERM_OPEN) as MAX_OPEN, "
|
||||||
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
|
+ "FROM WORKBASKET_ACCESS_LIST where ACCESS_ID IN (<if test='accessId != null'><foreach item='item' collection='accessId' separator=',' >#{item}</foreach></if>) group by WORKBASKET_ID ) a "
|
||||||
|
+ "on (w.ID = a.WID)"
|
||||||
+ "<where>"
|
+ "<where>"
|
||||||
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='ownerIn != null'>AND w.OWNER IN(<foreach item='item' collection='ownerIn' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
+ "<if test='ownerLike != null'>AND (<foreach item='item' collection='ownerLike' separator=' OR ' >UPPER(w.OWNER) LIKE #{item}</foreach>)</if> "
|
||||||
|
|
@ -640,25 +655,25 @@ public interface QueryMapper {
|
||||||
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel3Like != null'>AND (<foreach item='item' collection='orgLevel3Like' separator=' OR ' >UPPER(w.ORG_LEVEL_3) LIKE #{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
+ "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
|
||||||
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
+ "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
|
||||||
+ "AND (PERM_READ = 1 "
|
+ "AND (a.MAX_READ = 1 "
|
||||||
+ "<if test='permission != null'>OR "
|
+ "<if test='permission != null'>AND "
|
||||||
+ "<if test=\"permission.name().equals('READ')\">PERM_READ</if> "
|
+ "<if test=\"permission.name().equals('READ')\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name().equals('OPEN')\">PERM_OPEN</if> "
|
+ "<if test=\"permission.name().equals('OPEN')\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name().equals('APPEND')\">PERM_APPEND</if>"
|
+ "<if test=\"permission.name().equals('APPEND')\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
|
+ "<if test=\"permission.name().equals('TRANSFER')\">a.MAX_TRANSFER</if>"
|
||||||
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
|
+ "<if test=\"permission.name().equals('DISTRIBUTE')\">a.MAX_DISTRIBUTE</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_1')\">a.MAX_CUSTOM_1</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_2')\">a.MAX_CUSTOM_2</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_3')\">a.MAX_CUSTOM_3</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_4')\">a.MAX_CUSTOM_4</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_5')\">a.MAX_CUSTOM_5</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_6')\">a.MAX_CUSTOM_6</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_7')\">a.MAX_CUSTOM_7</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_8')\">a.MAX_CUSTOM_8</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_9')\">a.MAX_CUSTOM_9</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_10')\">a.MAX_CUSTOM_10</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
|
+ "<if test=\"permission.name().equals('CUSTOM_11')\">a.MAX_CUSTOM_11</if>"
|
||||||
+ "<if test=\"permission.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
|
+ "<if test=\"permission.name().equals('CUSTOM_12')\">a.MAX_CUSTOM_12</if> = 1 "
|
||||||
+ "</if>)"
|
+ "</if>)"
|
||||||
+ "</where>"
|
+ "</where>"
|
||||||
+ "<if test='!orderBy.isEmpty()'>ORDER BY <foreach item='orderItem' collection='orderBy' separator=',' >${orderItem}</foreach></if> "
|
+ "<if test='!orderBy.isEmpty()'>ORDER BY <foreach item='orderItem' collection='orderBy' separator=',' >${orderItem}</foreach></if> "
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,8 @@ package acceptance.workbasket;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
|
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
|
|
@ -70,7 +72,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
|
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
|
||||||
.accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
|
.accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
|
||||||
.list();
|
.list();
|
||||||
Assert.assertEquals(7, results.size());
|
Assert.assertEquals(6, results.size());
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(
|
@WithAccessId(
|
||||||
|
|
@ -85,7 +87,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
.accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
|
.accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
|
||||||
.orderByName(asc)
|
.orderByName(asc)
|
||||||
.list();
|
.list();
|
||||||
Assert.assertEquals(7, results.size());
|
Assert.assertEquals(6, results.size());
|
||||||
Assert.assertEquals("GPK_KSC_1", results.get(0).getKey());
|
Assert.assertEquals("GPK_KSC_1", results.get(0).getKey());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -102,10 +104,28 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
.orderByName(desc)
|
.orderByName(desc)
|
||||||
.orderByKey(asc)
|
.orderByKey(asc)
|
||||||
.list();
|
.list();
|
||||||
Assert.assertEquals(7, results.size());
|
Assert.assertEquals(6, results.size());
|
||||||
Assert.assertEquals("USER_2_2", results.get(0).getKey());
|
Assert.assertEquals("USER_2_2", results.get(0).getKey());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(
|
||||||
|
userName = "dummy",
|
||||||
|
groupNames = {"businessadmin"})
|
||||||
|
@Test
|
||||||
|
public void testQueryAllTransferSourcesForUserAndGroup()
|
||||||
|
throws SQLException, NotAuthorizedException, InvalidArgumentException, SystemException,
|
||||||
|
InvalidRequestException {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
|
||||||
|
.accessIdsHavePermission(WorkbasketPermission.DISTRIBUTE, "user_1_1", "group_1")
|
||||||
|
.list();
|
||||||
|
Assert.assertEquals(2, results.size());
|
||||||
|
List<String> keys = new ArrayList<>(Arrays.asList("GPK_KSC_1", "USER_1_1"));
|
||||||
|
for (WorkbasketSummary wb : results) {
|
||||||
|
Assert.assertTrue(keys.contains(wb.getKey()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(
|
@WithAccessId(
|
||||||
userName = "user_1_1",
|
userName = "user_1_1",
|
||||||
groupNames = {"group_1"})
|
groupNames = {"group_1"})
|
||||||
|
|
@ -116,7 +136,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
|
List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
|
||||||
.callerHasPermission(WorkbasketPermission.APPEND)
|
.callerHasPermission(WorkbasketPermission.APPEND)
|
||||||
.list();
|
.list();
|
||||||
Assert.assertEquals(7, results.size());
|
Assert.assertEquals(6, results.size());
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(userName = "user_1_1")
|
@WithAccessId(userName = "user_1_1")
|
||||||
|
|
|
||||||
|
|
@ -184,7 +184,20 @@ public class QueryWorkbasketsWithPaginationAccTest extends AbstractAccTest {
|
||||||
long count = workbasketService.createWorkbasketQuery()
|
long count = workbasketService.createWorkbasketQuery()
|
||||||
.domainIn("DOMAIN_A")
|
.domainIn("DOMAIN_A")
|
||||||
.count();
|
.count();
|
||||||
assertThat(count, equalTo(9L));
|
assertThat(count, equalTo(8L));
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(
|
||||||
|
userName = "teamlead_1",
|
||||||
|
groupNames = {"group_1"})
|
||||||
|
@Test
|
||||||
|
public void testWorkbasketQueryDomA()
|
||||||
|
throws SQLException, NotAuthorizedException, InvalidArgumentException {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
List<WorkbasketSummary> result = workbasketService.createWorkbasketQuery()
|
||||||
|
.domainIn("DOMAIN_A")
|
||||||
|
.list();
|
||||||
|
assertThat(result.size(), equalTo(8));
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue