User substitution jmix-projects/jmix-security#30

jmix-projects · Sep 13, 2021 · 3f23f59 · 3f23f59
1 parent 68c941f
commit 3f23f59
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 12 deletions.
diff --git a/reports-rest/src/main/java/io/jmix/reportsrest/controller/ReportRestControllerManager.java b/reports-rest/src/main/java/io/jmix/reportsrest/controller/ReportRestControllerManager.java
@@ -27,12 +27,12 @@
 import io.jmix.core.security.CurrentAuthentication;
 import io.jmix.reports.ParameterClassResolver;
 import io.jmix.reports.ReportSecurityManager;
-import io.jmix.reports.runner.ReportRunContext;
-import io.jmix.reports.runner.ReportRunner;
 import io.jmix.reports.entity.*;
 import io.jmix.reports.exception.FailedToConnectToOpenOfficeException;
 import io.jmix.reports.exception.NoOpenOfficeFreePortsException;
 import io.jmix.reports.exception.ReportingException;
+import io.jmix.reports.runner.ReportRunContext;
+import io.jmix.reports.runner.ReportRunner;
 import io.jmix.security.constraint.PolicyStore;
 import io.jmix.security.constraint.SecureOperations;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -109,7 +109,10 @@ public String loadReportsList() {
 
         loadContext.setFetchPlan(fetchPlan)
                 .setQueryString("select r from report_Report r where r.restAccess = true");
-        reportSecurityManager.applySecurityPolicies(loadContext, null, currentAuthentication.getUser());
+        reportSecurityManager.applySecurityPolicies(
+                loadContext,
+                null,
+                currentAuthentication.getCurrentOrSubstitutedUser());
         List<Report> reports = dataManager.loadList(loadContext);
 
         List<ReportInfo> objects = reports.stream()
@@ -188,7 +191,7 @@ protected Report loadReportInternal(String entityId) {
                 .setQueryString("select r from report_Report r where r.id = :id and r.restAccess = true")
                 .setParameter("id", getReportIdFromString(entityId));
 
-        reportSecurityManager.applySecurityPolicies(loadContext, null, currentAuthentication.getUser());
+        reportSecurityManager.applySecurityPolicies(loadContext, null, currentAuthentication.getCurrentOrSubstitutedUser());
 
         Report report = dataManager.load(loadContext);
 

diff --git a/reports-ui/src/main/java/io/jmix/reportsui/action/AbstractPrintFormAction.java b/reports-ui/src/main/java/io/jmix/reportsui/action/AbstractPrintFormAction.java
@@ -95,7 +95,10 @@ protected void openRunReportScreen(Screen screen, Object selectedValue, MetaClas
 
     protected void openRunReportScreen(Screen screen, Object selectedValue, MetaClass inputValueMetaClass,
                                        @Nullable String outputFileName) {
-        List<Report> reports = reportSecurityManager.getAvailableReports(screen.getId(), currentAuthentication.getUser(), inputValueMetaClass);
+        List<Report> reports = reportSecurityManager.getAvailableReports(
+                screen.getId(),
+                currentAuthentication.getCurrentOrSubstitutedUser(),
+                inputValueMetaClass);
 
         ScreenContext screenContext = UiControllerUtils.getScreenContext(screen);
 

diff --git a/reports-ui/src/main/java/io/jmix/reportsui/screen/report/history/ReportExecutionDialog.java b/reports-ui/src/main/java/io/jmix/reportsui/screen/report/history/ReportExecutionDialog.java
@@ -76,7 +76,7 @@ public class ReportExecutionDialog extends StandardLookup<Report> {
     @Install(to = "reportsDl", target = Target.DATA_LOADER)
     protected List<Report> reportsDlLoadDelegate(LoadContext<Report> loadContext) {
         return reportSecurityManager.getAvailableReports(screenParameter,
-                currentAuthentication.getUser(),
+                currentAuthentication.getCurrentOrSubstitutedUser(),
                 metaClassParameter);
     }
 
@@ -96,7 +96,7 @@ protected void onApplyFilterBtnClick(Button.ClickEvent event) {
 
     protected void filterReports() {
         List<Report> reports = reportSecurityManager.getAvailableReports(screenParameter,
-                currentAuthentication.getUser(),
+                currentAuthentication.getCurrentOrSubstitutedUser(),
                 metaClassParameter)
                 .stream()
                 .filter(this::filterReport)

diff --git a/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ReportRun.java b/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ReportRun.java
@@ -121,7 +121,7 @@ public void onInit(InitEvent event) {
     protected void onBeforeShow(BeforeShowEvent event) {
         List<Report> reports = this.reports;
         if (reports == null) {
-            reports = reportSecurityManager.getAvailableReports(screenParameter, currentAuthentication.getUser(),
+            reports = reportSecurityManager.getAvailableReports(screenParameter, currentAuthentication.getCurrentOrSubstitutedUser(),
                     metaClassParameter);
         }
 
@@ -173,7 +173,7 @@ protected void filterReports() {
         Date dateFilterValue = updatedDateFilter.getValue();
 
         List<Report> reports =
-                reportSecurityManager.getAvailableReports(screenParameter, currentAuthentication.getUser(),
+                reportSecurityManager.getAvailableReports(screenParameter, currentAuthentication.getCurrentOrSubstitutedUser(),
                         metaClassParameter)
                         .stream()
                         .filter(report -> {

diff --git a/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ShowChartScreen.java b/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ShowChartScreen.java
@@ -153,7 +153,10 @@ protected void onBeforeShow(BeforeShowEvent event) {
     @Subscribe(id = "reportsDl", target = Target.DATA_LOADER)
     public void onReportsDlPostLoad(CollectionLoader.PostLoadEvent<Report> event) {
         List<Report> entities = event.getLoadedEntities();
-        List<Report> availableReports = reportSecurityManager.getAvailableReports(null, currentAuthentication.getUser(), null);
+        List<Report> availableReports = reportSecurityManager.getAvailableReports(
+                null,
+                currentAuthentication.getCurrentOrSubstitutedUser(),
+                null);
         entities.retainAll(availableReports);
         reportsDc.setItems(entities);
     }

diff --git a/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ShowPivotTableScreen.java b/reports-ui/src/main/java/io/jmix/reportsui/screen/report/run/ShowPivotTableScreen.java
@@ -129,7 +129,10 @@ public void setPivotTableData(byte[] pivotTableData) {
     @Subscribe(id = "reportsDl", target = Target.DATA_LOADER)
     public void onReportsDlPostLoad(CollectionLoader.PostLoadEvent<Report> event) {
         List<Report> entities = event.getLoadedEntities();
-        List<Report> availableReports = reportSecurityManager.getAvailableReports(null, currentAuthentication.getUser(), null);
+        List<Report> availableReports = reportSecurityManager.getAvailableReports(
+                null,
+                currentAuthentication.getCurrentOrSubstitutedUser(),
+                null);
         entities.retainAll(availableReports);
         reportsDc.setItems(entities);
     }

diff --git a/reports/src/main/java/io/jmix/reports/ReportSecurityManager.java b/reports/src/main/java/io/jmix/reports/ReportSecurityManager.java
@@ -17,9 +17,9 @@
 package io.jmix.reports;
 
 import io.jmix.core.*;
+import io.jmix.core.metamodel.model.MetaClass;
 import io.jmix.data.QueryTransformer;
 import io.jmix.data.QueryTransformerFactory;
-import io.jmix.core.metamodel.model.MetaClass;
 import io.jmix.dynattr.DynAttrQueryHints;
 import io.jmix.reports.entity.Report;
 import io.jmix.security.model.BaseRole;