RowLevelRole info

m.russo · July 29, 2022, 3:11pm

Hi was taking a look into documentation about RowLevelRol at design time:

@RowLevelRole(
name = “Can see only Orders created by themselves”,
code = “orders-created-by-themselves”)
public interface CreatedByMeOrdersRole {

@JpqlRowLevelPolicy(
        entityClass = Order.class,
        where = "{E}.createdBy = :current_user_username")
void order();

}

And reading that we can use session and user attributes in query parameters… only?! If not, it would be welcome to get a sample using a generic parameter.

Thank’s in advance

gorbunkov · August 2, 2022, 8:06am

Hi,
Could you explain what do you mean by “generic parameter” here? Explain your use case in more details, please.

m.russo · August 2, 2022, 8:14am

As “generic parameter” i mean something not in session, for exmaple calculated in business logic snippet

gorbunkov · August 2, 2022, 8:29am

Currently JPQL row-level policies just modify JPQL queries, so each time you query the Order entity, some additional query condition is added.

Do I understand correctly that on each JPQL query you want to invoke some business logic that will calculate query parameter values and set these parameters to original query in addition to just modifying a query?

m.russo · August 2, 2022, 8:40am

I try to explain better by example.

For now we used to execute JPQL query through jpa repositories in this way:

@Query(“SELECT COUNT(p) FROM P326protocol p WHERE p.iDEMail = :p326email”)
public Long countByEmail(@Param(“p326email”) P326email p326email);

calling countByEmail on jpa repository, i’m able to pass my param p326email

gorbunkov · August 2, 2022, 12:22pm

Ok, but I still don’t understand how does you sample relate to row-level policies?
Your example is just a regular query with the parameter that can be executed using the DataManager.