BF [ 1964516 ] Alerts: access sql should be added before "OtherClause"

This commit is contained in:
teo_sarca 2008-05-15 12:21:20 +00:00
parent 8d20bcb0b3
commit 0d82d31c79
3 changed files with 64 additions and 22 deletions

View File

@ -95,7 +95,11 @@ public class MAlert extends X_AD_Alert
pstmt.setInt (1, getAD_Alert_ID());
rs = pstmt.executeQuery ();
while (rs.next ())
list.add (new MAlertRule (getCtx(), rs, null));
{
MAlertRule rule = new MAlertRule (getCtx(), rs, null);
rule.setParent(this);
list.add (rule);
}
}
catch (Exception e)
{

View File

@ -16,8 +16,8 @@
*****************************************************************************/
package org.compiere.model;
import java.sql.*;
import java.util.*;
import java.sql.ResultSet;
import java.util.Properties;
/**
@ -50,20 +50,72 @@ public class MAlertRule extends X_AD_AlertRule
super(ctx, rs, trxName);
} // MAlertRule
/** Alert */
private MAlert m_parent = null;
/**
* Get parent
* @return parent alert
*/
public MAlert getParent() {
if (m_parent == null || m_parent.get_ID() != getAD_Alert_ID())
m_parent = new MAlert(getCtx(), getAD_Alert_ID(), get_TrxName());
return m_parent;
}
/**
* Set parent alert.
* NOTE: is not setting AD_Alert_ID
* @param alert
*/
public void setParent(MAlert alert) {
m_parent = alert;
}
/**
* Get Sql
* @return sql
* @deprecated Use {@link #getSql(boolean)} instead
*/
public String getSql()
{
return getSql(false);
}
/**
* Get Sql
* @param applySecurity apply role/client security
* @return sql
*/
public String getSql(boolean applySecurity)
{
StringBuffer sql = new StringBuffer();
sql.append("SELECT ").append(getSelectClause())
.append(" FROM ").append(getFromClause());
if (getWhereClause() != null && getWhereClause().length() > 0)
sql.append(" WHERE ").append(getWhereClause());
String finalSQL = sql.toString();
//
// Apply Security:
if (applySecurity) {
MAlert alert = getParent();
if (alert.isEnforceRoleSecurity()
|| alert.isEnforceClientSecurity())
{
int AD_Role_ID = alert.getFirstAD_Role_ID();
if (AD_Role_ID == -1)
AD_Role_ID = alert.getFirstUserAD_Role_ID();
if (AD_Role_ID != -1)
{
MRole role = MRole.get(getCtx(), AD_Role_ID);
finalSQL = role.addAccessSQL(finalSQL, null, true, false);
}
}
}
//
if (getOtherClause() != null && getOtherClause().length() > 0)
sql.append(" ").append(getOtherClause());
return sql.toString();
finalSQL += " " + getOtherClause();
return finalSQL;
} // getSql
@ -91,7 +143,7 @@ public class MAlertRule extends X_AD_AlertRule
sb.append(get_ID())
.append("-").append(getName())
.append(",Valid=").append(isValid())
.append(",").append(getSql());
.append(",").append(getSql(false));
sb.append ("]");
return sb.toString ();
} // toString

View File

@ -32,7 +32,6 @@ import org.compiere.model.MAlertProcessor;
import org.compiere.model.MAlertProcessorLog;
import org.compiere.model.MAlertRule;
import org.compiere.model.MClient;
import org.compiere.model.MRole;
import org.compiere.model.MSysConfig;
import org.compiere.model.MUser;
import org.compiere.util.CLogger;
@ -156,20 +155,7 @@ public class AlertProcessor extends AdempiereServer
} // Pre
// The processing
sql = rule.getSql();
if (alert.isEnforceRoleSecurity()
|| alert.isEnforceClientSecurity())
{
int AD_Role_ID = alert.getFirstAD_Role_ID();
if (AD_Role_ID == -1)
AD_Role_ID = alert.getFirstUserAD_Role_ID();
if (AD_Role_ID != -1)
{
MRole role = MRole.get(getCtx(), AD_Role_ID);
sql = role.addAccessSQL(sql, null, true, false);
}
}
sql = rule.getSql(true);
try
{
String text = null;