marta-jankovics commented on code in PR #3304:
URL: https://github.com/apache/fineract/pull/3304#discussion_r1261865730
##########
fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java:
##########
@@ -1709,98 +1709,93 @@ private Long getLongSqlRowSet(final SqlRowSet rs, final
String column) {
return val;
}
- private String dataScopedSQL(final String appTable, final Long appTableId)
{
+ private String dataScopedSQL(String appTable, Long appTableId) {
/*
* unfortunately have to, one way or another, be able to restrict data
to the users office hierarchy. Here, a
* few key tables are done. But if additional fields are needed on
other tables the same pattern applies
*/
-
final AppUser currentUser = this.context.authenticatedUser();
+ String currentUserOfficeHierarchy =
currentUser.getOffice().getHierarchy();
+ String officeHierarchyCondition = " o.hierarchy like '" +
currentUserOfficeHierarchy + "%'";
String scopedSQL = null;
/*
* m_loan and m_savings_account are connected to an m_office thru
either an m_client or an m_group If both it
* means it relates to an m_client that is in a group (still an
m_client account)
*/
- if (appTable.equalsIgnoreCase("m_loan")) {
- scopedSQL = "select distinct x.* from ("
- + " (select o.id as officeId, l.group_id as groupId,
l.client_id as clientId, null as savingsId, l.id as loanId, null as entityId
from m_loan l "
- + " join m_client c on c.id = l.client_id " + " join
m_office o on o.id = c.office_id and o.hierarchy like '"
- + currentUser.getOffice().getHierarchy() + "%'" + " where
l.id = " + appTableId + ")" + " union all "
- + " (select o.id as officeId, l.group_id as groupId,
l.client_id as clientId, null as savingsId, l.id as loanId, null as entityId
from m_loan l "
- + " join m_group g on g.id = l.group_id " + " join
m_office o on o.id = g.office_id and o.hierarchy like '"
- + currentUser.getOffice().getHierarchy() + "%'" + " where
l.id = " + appTableId + ")" + " ) as x";
- }
- if (appTable.equalsIgnoreCase("m_savings_account")) {
- scopedSQL = "select distinct x.* from ("
- + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, null as entityId
from m_savings_account s "
- + " join m_client c on c.id = s.client_id " + " join
m_office o on o.id = c.office_id and o.hierarchy like '"
- + currentUser.getOffice().getHierarchy() + "%'" + " where
s.id = " + appTableId + ")" + " union all "
- + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, null as entityId
from m_savings_account s "
- + " join m_group g on g.id = s.group_id " + " join
m_office o on o.id = g.office_id and o.hierarchy like '"
- + currentUser.getOffice().getHierarchy() + "%'" + " where
s.id = " + appTableId + ")" + " ) as x";
- }
- if (appTable.equalsIgnoreCase("m_client")) {
- scopedSQL = "select o.id as officeId, null as groupId, c.id as
clientId, null as savingsId, null as loanId, null as entityId from m_client c "
- + " join m_office o on o.id = c.office_id and o.hierarchy
like '" + currentUser.getOffice().getHierarchy() + "%'"
- + " where c.id = " + appTableId;
- }
- if (appTable.equalsIgnoreCase("m_group") ||
appTable.equalsIgnoreCase("m_center")) {
- scopedSQL = "select o.id as officeId, g.id as groupId, null as
clientId, null as savingsId, null as loanId, null as entityId from m_group g "
- + " join m_office o on o.id = g.office_id and o.hierarchy
like '" + currentUser.getOffice().getHierarchy() + "%'"
- + " where g.id = " + appTableId;
- }
- if (appTable.equalsIgnoreCase("m_office")) {
- scopedSQL = "select o.id as officeId, null as groupId, null as
clientId, null as savingsId, null as loanId, null as entityId from m_office o "
- + " where o.hierarchy like '" +
currentUser.getOffice().getHierarchy() + "%'" + " and o.id = " + appTableId;
- }
-
- if (appTable.equalsIgnoreCase("m_product_loan") ||
appTable.equalsIgnoreCase("m_savings_product")
- || appTable.equalsIgnoreCase("m_share_product")) {
- scopedSQL = "select null as officeId, null as groupId, null as
clientId, null as savingsId, null as loanId, p.id as entityId from "
- + appTable + " as p WHERE p.id = " + appTableId;
- }
-
- if (scopedSQL == null) {
- throw new
PlatformDataIntegrityException("error.msg.invalid.dataScopeCriteria",
- "Application Table: " + appTable + " not catered for in
data Scoping");
- }
+ switch (appTable.toLowerCase()) {
+ case "m_loan":
+ scopedSQL = "select distinct x.* from ("
+ + " (select o.id as officeId, l.group_id as groupId,
l.client_id as clientId, null as savingsId, l.id as loanId, null as entityId
from m_loan l "
+ + " join m_client c on c.id = l.client_id " + " join
m_office o on o.id = c.office_id and "
+ + officeHierarchyCondition + " where l.id = " +
appTableId + ")" + " union all "
+ + " (select o.id as officeId, l.group_id as groupId,
l.client_id as clientId, null as savingsId, l.id as loanId, null as entityId
from m_loan l "
+ + " join m_group g on g.id = l.group_id " + " join
m_office o on o.id = g.office_id and " + officeHierarchyCondition
+ + " where l.id = " + appTableId + ")" + " ) as x";
+ break;
+ case "m_savings_account":
+ scopedSQL = "select distinct x.* from ("
+ + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, null as entityId
from m_savings_account s "
+ + " join m_client c on c.id = s.client_id " + " join
m_office o on o.id = c.office_id and "
+ + officeHierarchyCondition + " where s.id = " +
appTableId + ")" + " union all "
+ + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, null as entityId
from m_savings_account s "
+ + " join m_group g on g.id = s.group_id " + " join
m_office o on o.id = g.office_id and " + officeHierarchyCondition
+ + " where s.id = " + appTableId + ")" + " ) as x";
+ break;
+ case "m_savings_account_transaction":
+ scopedSQL = "select distinct x.* from ("
+ + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, t.id as entityId
from m_savings_account_transaction t"
+ + " join m_savings_account s on t.savings_account_id =
s.id join m_client c on c.id = s.client_id join m_office o on o.id =
c.office_id and "
+ + officeHierarchyCondition + " where t.id = " +
appTableId + ")" + " union all "
+ + " (select o.id as officeId, s.group_id as groupId,
s.client_id as clientId, s.id as savingsId, null as loanId, t.id as entityId
from m_savings_account_transaction t "
+ + " join m_savings_account s on t.savings_account_id =
s.id "
+ + " join m_group g on g.id = s.group_id join m_office
o on o.id = g.office_id and " + officeHierarchyCondition
+ + " where t.id = " + appTableId + ")" + " ) as x";
+ break;
+ case "m_client":
+ scopedSQL = "select o.id as officeId, null as groupId, c.id as
clientId, null as savingsId, null as loanId, null as entityId from m_client c "
+ + " join m_office o on o.id = c.office_id and " +
officeHierarchyCondition + " where c.id = " + appTableId;
+ break;
+ case "m_group":
+ case "m_center":
+ scopedSQL = "select o.id as officeId, g.id as groupId, null as
clientId, null as savingsId, null as loanId, null as entityId from m_group g "
+ + " join m_office o on o.id = g.office_id and " +
officeHierarchyCondition + " where g.id = " + appTableId;
+ break;
+ case "m_office":
+ scopedSQL = "select o.id as officeId, null as groupId, null as
clientId, null as savingsId, null as loanId, null as entityId from m_office o "
+ + " where " + officeHierarchyCondition + " and o.id =
" + appTableId;
+ break;
+ case "m_product_loan":
+ case "m_savings_product":
+ case "m_share_product":
+ scopedSQL = "select null as officeId, null as groupId, null as
clientId, null as savingsId, null as loanId, p.id as entityId from "
+ + appTable + " as p WHERE p.id = " + appTableId;
+ break;
+ default:
+ throw new
PlatformDataIntegrityException("error.msg.invalid.dataScopeCriteria",
+ "Application Table: " + appTable + " not catered for
in data Scoping");
+ }
return scopedSQL;
}
private void validateAppTable(final String appTable) {
-
- if (appTable.equalsIgnoreCase("m_loan")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_savings_account")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_client")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_group")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_center")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_office")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_product_loan")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_savings_product")) {
- return;
- }
- if (appTable.equalsIgnoreCase("m_share_product")) {
- return;
+ switch (appTable.toLowerCase()) {
+ case "m_loan":
+ case "m_savings_account":
+ case "m_savings_account_transaction":
+ case "m_client":
+ case "m_group":
+ case "m_center":
+ case "m_office":
+ case "m_product_loan":
+ case "m_savings_product":
+ case "m_share_product":
+ return;
+ default:
+ throw new
PlatformDataIntegrityException("error.msg.invalid.application.table", "Invalid
Application Table: " + appTable,
+ "name", appTable);
}
-
- throw new
PlatformDataIntegrityException("error.msg.invalid.application.table", "Invalid
Application Table: " + appTable, "name",
- appTable);
}
private String mapToActualAppTable(final String appTable) {
Review Comment:
There are so many other places regarding datatables where you did not add
the new apptable type:
org.apache.fineract.infrastructure.dataqueries.data.EntityTables
org.apache.fineract.infrastructure.dataqueries.service.EntityDatatableChecksReadPlatformServiceImpl
org.apache.fineract.infrastructure.dataqueries.service.EntityDatatableChecksWritePlatformServiceImpl
Could you please provide a full solution.
Integration tests also should be added.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@fineract.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
