0

我正在使用带有很多条件的休眠条件查询。查询是否包含应用程序状态和角色的采购申请表。所以为了简单起见,所有表格都以状态 1 或草稿开始。保存表单后,当前用户成为创建者。创建者可以将其他用户分配给表单,例如授权人或联系人。这些是我认为的动态角色。所以我的表格的前三个状态如下,

State 1 "Draft" role Creator
State 2 "Authorizer" role Authorizer
State 3 "Contact" role Contact

离开状态 3 并进入状态 4 后,应用程序现在进入管理员角色。在表格最终获得批准和关闭之前,最多可能有 15 个州。直到最后四个状态,Creator、Authorizer 和 Contact 将继续具有访问权限。最后四个州,他们将无法访问。

除非管理员是创建者、授权者或联系人,否则用户将无权访问前三个状态,但将继续访问最后一个状态,包括非管理员无权访问的其余四个状态也。

我当前的查询如下所示,但是作为管理员,我希望不必手动硬编码要添加到查询中的每个 applicationState 并添加所有这些,但排除管理员不在动态中的状态角色创建者、授权者或联系人。

此查询有效,但非常混乱。

Disjunction programRoles = Restrictions.disjunction();
            programRoles.add(Restrictions.eq(Role.ROLE_CREATOR, user));
            programRoles.add(Restrictions.eq(Role.ROLE_AUTHORIZER, user));
            programRoles.add(Restrictions.eq(Role.ROLE_CONTACT, user));

            if(roleManagerService.isAdmin()) {
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.ARCHIVED.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.ASSESSOR_REVIEW.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.ASSIGNOR_REVIEW.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.AUDITOR_REVIEW.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.BURIED.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.DEAD.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.FINAL.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.FINAL_MAJOR_APPROVAL.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.FINAL_MINOR_APPROVAL.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.IFAS_LOAD.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.PO_COLLECTION.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.PO_DISTRIBUTION.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.PO_EVALUATION.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.PURGE.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.SECONDARY_MAJOR_REVIEW.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.SECONDARY_MINOR_REVIEW.name()));
                programRoles.add(Restrictions.eq("currentState.prStateCode", ApplicationStateEnum.SECONDARY_OVERHEAD_REVIEW.name()));
            }

        Criteria results = this.session.createCriteria(PurchaseRequest.class)
                .createAlias("currentState", "currentState")
                .add(programRoles);

                if(!roleManagerService.isAdmin()) {
                    results.add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.DEAD.name()))
                            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.ARCHIVED.name()))
                            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.FINAL.name()))
                            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.BURIED.name()));
                }

我想知道是否有人可以指出我的方向来清理它,使其更具活力。

4

1 回答 1

1

我还没有真正尝试过,但可能只是添加了不允许管理员用户查看的限制。就像是:

Disjunction programRoles = Restrictions.disjunction();
programRoles.add(Restrictions.eq(Role.ROLE_CREATOR, user));
programRoles.add(Restrictions.eq(Role.ROLE_AUTHORIZER, user));
programRoles.add(Restrictions.eq(Role.ROLE_CONTACT, user));

// change starts here
if(roleManagerService.isAdmin()) {
    Conjunction notHiddenStateForAdmin = Restrictions.conjunction();
    notHiddenStateForAdmin.add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.FIRST_STATE.name()));
    notHiddenStateForAdmin.add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.SECOND_STATE.name()));
    notHiddenStateForAdmin.add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.THIRD_STATE.name()));
    programRoles.add(notHiddenStateForAdmin);
}

// rest unchanged
Criteria results = this.session.createCriteria(PurchaseRequest.class)
       .createAlias("currentState", "currentState")
       .add(programRoles);

if(!roleManagerService.isAdmin()) {
     results.add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.DEAD.name()))
            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.ARCHIVED.name()))
            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.FINAL.name()))
            .add(Restrictions.ne("currentState.prStateCode", ApplicationStateEnum.BURIED.name()));
}
于 2013-02-06T20:06:09.947 回答