Issue Description
Domain security files can contain expressions for the resourceAccessGrant elements, and the syntax can be tricky if you need to parse a single profile attribute in which you are putting multiple values, such as comma-seperated values.
Resolution
The example below is just an idea to help foster your own code. I created a profile attribute named test. The value for it contains a comma:
greg, hudson
To parse this I tried the following in my domain security file:
<resourceAccessGrant id="sales_join_ROLE_SUPERMART_MANAGER_row_grant">
<principalExpression>
authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_SUPERMART_MANAGER'] }
</principalExpression>
<filterExpression>
store1.store_country in ('USA') and store1.store_state in(groovy('attributesService.getAttribute("test", "USER", true) .attrValue.split(",") .collect{"''" + it + "''"} .join(",") .replaceFirst("^''","") .replaceFirst("''\$","")' ))
</filterExpression>
</resourceAccessGrant>
Logging outputs the query as:
select "store1"."store_type" as "store1_store_type"
from "public"."store" "store1"
where ("store1"."store_country" in ('USA'))
and ("store1"."store_state" in ('greg',' hudson'))
group by "store1"."store_type"
Ref. Case 01560787
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now