Hibernate Community • View topic - filter problem on a set in hibernate 3.0beta1

View unanswered posts | View active topics

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

filter problem on a set in hibernate 3.0beta1

Page 1 of 1

[ 2 posts ]

Previous topic | Next topic

Author

Message

bernardsirius

Post subject: filter problem on a set in hibernate 3.0beta1

Posted: Mon Dec 27, 2004 10:54 am

Newbie

Joined: Mon Dec 27, 2004 10:23 am
Posts: 7

I want (should I say need?) to use filters for access rights handling (isn't it one of its rightful purposes?), so basically I have 3 tables:

an accessrights table:

Code:

CREATE TABLE `access_rights` (
  `ID` varchar(255) NOT NULL default '',
  `class` varchar(255) NOT NULL default '',
  `RESOURCE_ID` varchar(255) binary default NULL,
  `DTO` varchar(255) binary default NULL,
  `USER` varchar(255) binary default NULL,
  `ROLE` varchar(255) binary default NULL,
  `INCLUDES` varchar(255) binary default NULL,
  `EXCLUDES` varchar(255) binary default NULL,
  `FLAGS` int(11) default NULL,
  `PATH` varchar(255) binary default NULL,
  PRIMARY KEY  (`ID`)
) TYPE=MyISAM;

a resource table

Code:

CREATE TABLE `resource` (
  `ID` varchar(255) NOT NULL default '',
  `class` varchar(255) NOT NULL default '',
  `CORE_M_D_FK` varchar(63) default NULL,
  `PREDICATE_FK` varchar(63) default NULL,
  `ADDRESS_FK` varchar(63) default NULL,
  `LOCATION_FK` varchar(63) default NULL,
  `NAME_FK` varchar(63) default NULL,
  `DESCRIPTION_FK` varchar(63) default NULL,
  `ORGANISATION_FK` varchar(63) default NULL,
  `PERSON_FK` varchar(63) default NULL,
  `ACTIVITY_FK` varchar(63) default NULL,
  `TIME_INFO_FK` varchar(63) default NULL,
  `URI` varchar(255) binary default NULL,
  `MEDIA_PATH` varchar(255) binary default NULL,
  `ORIGINAL_MEDIA_PATH` varchar(255) binary default NULL,
  `MEDIA_U_R_L` varchar(255) binary default NULL,
  `IS_REMOTE` tinyint(4) default NULL,
  `TEXT` varchar(255) binary default NULL,
  `THUMBNAILS_FK` varchar(63) default NULL,

etc etc...

and a many-to-many index table:

Code:

CREATE TABLE `resource_access_rights` (
  `RESOURCE_FK` varchar(63) NOT NULL default '',
  `ACCESS_RIGHTS_FK` varchar(63) NOT NULL default '',
  PRIMARY KEY  (`RESOURCE_FK`,`ACCESS_RIGHTS_FK`),
  KEY `FK8EB286A149958A96` (`RESOURCE_FK`),
  KEY `FK8EB286A14BE74F12` (`ACCESS_RIGHTS_FK`)
) TYPE=MyISAM;

I want to filter the resources in two passes:
- first filter the resources based on a special flag that indicates that it is readable by the current user or group of users
- at the application level, get the accessrights records that are pertinent for this user and the group (s)he belongs to and make to finer-grained grantings based on a specific mechanism (I use xpaths on the dtos, never mind)

My idea was that I needed to put a filter on the accessrights association which is defined on the resource class, like so:

Code:

<set name="accessRights" table="RESOURCE_ACCESS_RIGHTS" lazy="true" inverse="false" cascade="none" sort="unsorted">
<key column="RESOURCE_FK"/>
<many-to-many class="fractals.psychos.core.system.entity.AccessRights" column="ACCESS_RIGHTS_FK" outer-join="auto"/>
<filter name="userPermissions" condition=":dto=DTO AND (:user=USER OR (:role1=ROLE OR :role2=ROLE OR :role3=ROLE OR :role4=ROLE OR :role5=ROLE OR :role6=ROLE OR :role7=ROLE OR :role8=ROLE OR :role9=ROLE OR :role10=ROLE))"/>
</set>

Note: this awful OR rolen=ROLE mess is there because I couldn't get a proper IN (:role1,:role2,:role3...) statement to work...

Then, at the class level, I thought I could add a second requirement based on what's already filtered (but that's probably impossible, however read on: I couldn't get it that far anyway). So for the record this is what I had in mind to filter the resources at the "class level":

Code:

<filter name="userPermissions" condition="FROM this.accessRights as accessRights WHERE accessRights.flags=0"/></class>

Like will be clear with the generated SQL for this is that hibernate gets confused in the table aliases:

select accessrigh0_.RESOURCE_FK as RESOURCE1___, accessrigh0_.ACCESS_RIGHTS_FK as ACCESS_R2___, accessrigh1_.ID as ID0_, accessrigh1_.RESOURCE_ID as RESOURCE3_10_0_, accessrigh1_.DTO as DTO10_0_, accessrigh1_.USER as USER10_0_, accessrigh1_.ROLE as ROLE10_0_, accessrigh1_.INCLUDES as INCLUDES10_0_, accessrigh1_.EXCLUDES as EXCLUDES10_0_, accessrigh1_.FLAGS as FLAGS10_0_, accessrigh1_.PATH as PATH10_0_, accessrigh1_.class as class0_ from RESOURCE_ACCESS_RIGHTS accessrigh0_ inner join ACCESS_RIGHTS accessrigh1_ on accessrigh0_.ACCESS_RIGHTS_FK=accessrigh1_.ID where ?=accessrigh0_.DTO AND (?=accessrigh0_.USER OR (?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE OR ?=accessrigh0_.ROLE)) and accessrigh0_.RESOURCE_FK=?

very logically, I get the following message:

Code:

14:43:50,191 ERROR [JDBCExceptionReporter] Column not found,  message from server: "Unknown column 'accessrigh0_.DTO' in 'where clause'"

Yes, actually all the accessrigh0_.xxx in the WHERE clause should be replaced by accessrigh1_.xxx

Did I do something wrong? Am I trying to do something impossible?
Help is greatly appreciated - I'm in a horrible hurry

Bernard

Top

joshua

Post subject:

Posted: Mon Dec 27, 2004 12:55 pm

Contributor

Joined: Thu Nov 06, 2003 9:49 pm
Posts: 104
Location: New York, NY

You are not doing anything wrong. The problem is that support for many-to-many relationships isn't working fully in Hibernate 3 beta1. It's coming along, but I'm not quite done with that yet.

Josh

Top

Page 1 of 1

[ 2 posts ]

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum