pluginprojects.sta1.security.secFeature.json Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of FROST-Server.Plugin.Projects Show documentation
Show all versions of FROST-Server.Plugin.Projects Show documentation
A Projects Plugin for the SensorThings API
{
"entries": [
{
"tableName": "FEATURES",
"wrappers": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.ValidatorCUD",
"checkInsert": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckMulti",
"combineType": "OR",
"subChecks": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckUserHasRoles",
"checkType": "ANY",
"roles": [
"admin",
"create"
]
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckMulti",
"combineType": "AND",
"subChecks": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckNavLinkQuery",
"targetNavLink": "GeneratedForLocations",
"query": "$filter\u003dThings/Projects/UserProjectRoles/User/username eq principalName() and Things/Projects/UserProjectRoles/Role/rolename in (\u0027create\u0027,\u0027admin\u0027)",
"emptyAllowed": true
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckNavLinkQuery",
"targetNavLink": "Projects",
"query": "$filter\u003dUserProjectRoles/User/username eq principalName() and UserProjectRoles/Role/rolename in (\u0027create\u0027,\u0027admin\u0027)",
"emptyAllowed": false
}
]
}
]
},
"checkUpdate": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckMulti",
"combineType": "OR",
"subChecks": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckUserHasRoles",
"checkType": "ANY",
"roles": [
"admin",
"update"
]
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckMulti",
"combineType": "AND",
"subChecks": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckEntityQuery",
"query": "$filter\u003dProjects/UserProjectRoles/User/username eq principalName() and Projects/UserProjectRoles/Role/rolename in (\u0027update\u0027,\u0027admin\u0027)"
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckNavLinkQuery",
"targetNavLink": "Projects",
"query": "$filter\u003dUserProjectRoles/User/username eq principalName() and UserProjectRoles/Role/rolename in (\u0027update\u0027,\u0027admin\u0027)",
"emptyAllowed": true
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckNavLinkQuery",
"targetNavLink": "GeneratedForLocations",
"query": "$filter\u003dThings/Projects/UserProjectRoles/User/username eq principalName() and Things/Projects/UserProjectRoles/Role/rolename in (\u0027create\u0027,\u0027admin\u0027)",
"emptyAllowed": true
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckNavLinkEmpty",
"targetNavLink": "Observations"
}
]
}
]
},
"checkDelete": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckMulti",
"combineType": "OR",
"subChecks": [
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckUserHasRoles",
"checkType": "ANY",
"roles": [
"admin",
"delete"
]
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckEntityQuery",
"query": "$filter\u003dProjects/UserProjectRoles/User/username eq principalName() and Projects/UserProjectRoles/Role/rolename in (\u0027delete\u0027,\u0027admin\u0027)"
}
]
}
},
{
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.SecurityWrapperMulti",
"wrappers": [
{
"condition": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckUserHasRoles",
"checkType": "ANY",
"roles": [
"read"
]
},
"wrapper": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.SecurityWrapperPass"
}
},
{
"condition": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.CheckFixed",
"valid": true
},
"wrapper": {
"@class": "de.fraunhofer.iosb.ilt.frostserver.persistence.pgjooq.utils.validator.SecurityWrapperJoin",
"joins": [
{
"targetTable": "FEATURE_PROJECTS",
"targetAlias": "fp",
"joinOnSql": "t.\"ID\" \u003d fp.\"FEATURE_ID\"",
"joinType": "INNER"
},
{
"targetTable": "PROJECTS",
"targetAlias": "pr",
"joinOnSql": "fp.\"PROJECT_ID\" \u003d pr.\"ID\"",
"joinType": "INNER"
},
{
"targetTable": "USER_PROJECT_ROLE",
"targetAlias": "upr",
"joinOnSql": "pr.\"ID\" \u003d upr.\"PROJECT_ID\"",
"joinType": "LEFT"
},
{
"targetTable": "USERS",
"targetAlias": "u",
"joinOnSql": "upr.\"USER_NAME\" \u003d u.\"USER_NAME\" ",
"joinType": "LEFT"
}
],
"where": "(pr.\"ISPUBLIC\" and not t.\"RESTRICTED\") or u.\"USER_NAME\" \u003d ?",
"usernameParameter": true
}
}
]
}
]
}
]
}© 2015 - 2025 Weber Informatics LLC | Privacy Policy