diff --git a/base/src/org/compiere/model/MAlert.java b/base/src/org/compiere/model/MAlert.java index 448ec744d3..707220ce00 100644 --- a/base/src/org/compiere/model/MAlert.java +++ b/base/src/org/compiere/model/MAlert.java @@ -95,7 +95,11 @@ public class MAlert extends X_AD_Alert pstmt.setInt (1, getAD_Alert_ID()); rs = pstmt.executeQuery (); while (rs.next ()) - list.add (new MAlertRule (getCtx(), rs, null)); + { + MAlertRule rule = new MAlertRule (getCtx(), rs, null); + rule.setParent(this); + list.add (rule); + } } catch (Exception e) { diff --git a/base/src/org/compiere/model/MAlertRule.java b/base/src/org/compiere/model/MAlertRule.java index fd23237505..5a05874c10 100644 --- a/base/src/org/compiere/model/MAlertRule.java +++ b/base/src/org/compiere/model/MAlertRule.java @@ -16,8 +16,8 @@ *****************************************************************************/ package org.compiere.model; -import java.sql.*; -import java.util.*; +import java.sql.ResultSet; +import java.util.Properties; /** @@ -50,20 +50,72 @@ public class MAlertRule extends X_AD_AlertRule super(ctx, rs, trxName); } // MAlertRule + /** Alert */ + private MAlert m_parent = null; + /** - * Get Sql + * Get parent + * @return parent alert + */ + public MAlert getParent() { + if (m_parent == null || m_parent.get_ID() != getAD_Alert_ID()) + m_parent = new MAlert(getCtx(), getAD_Alert_ID(), get_TrxName()); + return m_parent; + } + + /** + * Set parent alert. + * NOTE: is not setting AD_Alert_ID + * @param alert + */ + public void setParent(MAlert alert) { + m_parent = alert; + } + + /** + * Get Sql * @return sql + * @deprecated Use {@link #getSql(boolean)} instead */ public String getSql() + { + return getSql(false); + } + + /** + * Get Sql + * @param applySecurity apply role/client security + * @return sql + */ + public String getSql(boolean applySecurity) { StringBuffer sql = new StringBuffer(); sql.append("SELECT ").append(getSelectClause()) .append(" FROM ").append(getFromClause()); if (getWhereClause() != null && getWhereClause().length() > 0) sql.append(" WHERE ").append(getWhereClause()); + String finalSQL = sql.toString(); + // + // Apply Security: + if (applySecurity) { + MAlert alert = getParent(); + if (alert.isEnforceRoleSecurity() + || alert.isEnforceClientSecurity()) + { + int AD_Role_ID = alert.getFirstAD_Role_ID(); + if (AD_Role_ID == -1) + AD_Role_ID = alert.getFirstUserAD_Role_ID(); + if (AD_Role_ID != -1) + { + MRole role = MRole.get(getCtx(), AD_Role_ID); + finalSQL = role.addAccessSQL(finalSQL, null, true, false); + } + } + } + // if (getOtherClause() != null && getOtherClause().length() > 0) - sql.append(" ").append(getOtherClause()); - return sql.toString(); + finalSQL += " " + getOtherClause(); + return finalSQL; } // getSql @@ -91,7 +143,7 @@ public class MAlertRule extends X_AD_AlertRule sb.append(get_ID()) .append("-").append(getName()) .append(",Valid=").append(isValid()) - .append(",").append(getSql()); + .append(",").append(getSql(false)); sb.append ("]"); return sb.toString (); } // toString diff --git a/serverRoot/src/main/server/org/compiere/server/AlertProcessor.java b/serverRoot/src/main/server/org/compiere/server/AlertProcessor.java index d493f9c9b0..5b5d17a868 100644 --- a/serverRoot/src/main/server/org/compiere/server/AlertProcessor.java +++ b/serverRoot/src/main/server/org/compiere/server/AlertProcessor.java @@ -32,7 +32,6 @@ import org.compiere.model.MAlertProcessor; import org.compiere.model.MAlertProcessorLog; import org.compiere.model.MAlertRule; import org.compiere.model.MClient; -import org.compiere.model.MRole; import org.compiere.model.MSysConfig; import org.compiere.model.MUser; import org.compiere.util.CLogger; @@ -156,20 +155,7 @@ public class AlertProcessor extends AdempiereServer } // Pre // The processing - sql = rule.getSql(); - if (alert.isEnforceRoleSecurity() - || alert.isEnforceClientSecurity()) - { - int AD_Role_ID = alert.getFirstAD_Role_ID(); - if (AD_Role_ID == -1) - AD_Role_ID = alert.getFirstUserAD_Role_ID(); - if (AD_Role_ID != -1) - { - MRole role = MRole.get(getCtx(), AD_Role_ID); - sql = role.addAccessSQL(sql, null, true, false); - } - } - + sql = rule.getSql(true); try { String text = null;