try tenants

Author: Gerald Unterrainer

Diff for: src/main/java/info/unterrainer/commons/httpserver/accessmanager/HttpAccessManager.java

@@ -169,9 +169,13 @@ private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx) {
 			ctx.attribute(Attribute.USER_EMAIL_VERIFIED, token.getEmailVerified());
 			ctx.attribute(Attribute.USER_REALM_ROLES, token.getRealmAccess().getRoles());
 
-			String tenant = (String) token.getOtherClaims().get("tenant");
-			ctx.attribute(Attribute.USER_CLIENT_ATTRIBUTE_TENANT, tenant);
-			ctx.attribute(Attribute.USER_TENANT_SET, createTenantSetFrom(tenant));
+			String readTenants = (String) token.getOtherClaims().get("tenants_read");
+			ctx.attribute(Attribute.USER_CLIENT_ATTRIBUTE_TENANTS_READ, readTenants);
+			ctx.attribute(Attribute.USER_TENANTS_READ_SET, createTenantSetFrom(readTenants));
+
+			String writeTenants = (String) token.getOtherClaims().get("tenants_write");
+			ctx.attribute(Attribute.USER_CLIENT_ATTRIBUTE_TENANTS_WRITE, writeTenants);
+			ctx.attribute(Attribute.USER_TENANTS_WRITE_SET, createTenantSetFrom(writeTenants));
 
 			Set<String> clientRoles = Set.of();
 			String key = token.getIssuedFor();
@@ -190,7 +194,7 @@ private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx) {
 						.email(token.getEmail())
 						.emailVerified(token.getEmailVerified())
 						.realmRoles(token.getRealmAccess().getRoles())
-						.tenant(tenant)
+						.tenant(readTenants)
 						.clientRoles(clientRoles)
 						.isActive(token.isActive())
 						.isBearer(token.getType().equalsIgnoreCase("bearer"))
@@ -218,15 +222,19 @@ private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx) {
 	}
 
 	private Object createTenantSetFrom(final String tenant) {
-		Set<String> tenantSet = new HashSet<>();
+		Set<Long> tenantSet = new HashSet<>();
 		if (tenant == null || tenant.isBlank())
 			return tenantSet;
 
 		String[] tenants = tenant.split(",");
 		for (String t : tenants) {
 			if (t.isBlank())
 				continue;
-			tenantSet.add(t.trim());
+			try {
+				tenantSet.add(Long.parseLong(t.trim()));
+			} catch (NumberFormatException e) {
+				// NOOP
+			}
 		}
 		return tenantSet;
 	}

Diff for: src/main/java/info/unterrainer/commons/httpserver/daos/BasicListQueryBuilder.java

@@ -12,13 +12,13 @@
 import lombok.RequiredArgsConstructor;
 
 @RequiredArgsConstructor(access = AccessLevel.PACKAGE)
-public class BasicListQueryBuilder<P extends BasicJpa, T, R extends BasicListQueryBuilder<P, T, R>>
-		extends BasicQueryGeneralBuilder<P, T, R> {
+public class BasicListQueryBuilder<P extends BasicJpa, X, R extends BasicListQueryBuilder<P, X, R>>
+		extends BasicQueryGeneralBuilder<P, X, R> {
 
 	protected final EntityManagerFactory emf;
 	@Getter
 	protected final BasicJpqlDao<P> dao;
-	protected final Class<T> resultType;
+	protected final Class<X> resultType;
 
 	protected String selectClause = "o";
 	protected String orderByClause;
@@ -30,12 +30,12 @@ void setSelect(final String selectClause) {
 			this.selectClause = "o";
 	}
 
-	public TypedQuery<T> getTypedQuery(final EntityManager em) {
+	public TypedQuery<X> getTypedQuery(final EntityManager em) {
 		return dao.coreDao.getQuery(em, selectClause, joinClause, whereClause, parameters, resultType, orderByClause,
 				lockPessimistic, null);
 	}
 
-	public TypedQuery<T> getDeleteQuery(final EntityManager em) {
+	public TypedQuery<X> getDeleteQuery(final EntityManager em) {
 		return dao.coreDao.getDeleteQuery(em, joinClause, whereClause, parameters);
 	}
 

Diff for: src/main/java/info/unterrainer/commons/httpserver/daos/BasicQueryEntityManagerBuilder.java

@@ -1,7 +1,14 @@
 package info.unterrainer.commons.httpserver.daos;
 
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
 import javax.persistence.EntityManager;
 
+import org.eclipse.jetty.webapp.WebAppContext.Context;
+
+import info.unterrainer.commons.httpserver.enums.Attribute;
 import info.unterrainer.commons.rdbutils.entities.BasicJpa;
 import lombok.AccessLevel;
 import lombok.Getter;
@@ -12,6 +19,8 @@ public class BasicQueryEntityManagerBuilder<P extends BasicJpa, T, R extends Bas
 
 	@Getter
 	protected EntityManager entityManager;
+	protected Set<Long> tenantIds;
+	protected Set<Long> writeTenantIds;
 
 	/**
 	 * Sets a custom {@link EntityManager}.
@@ -27,4 +36,34 @@ public R entityManager(final EntityManager em) {
 		entityManager = em;
 		return (R) this;
 	}
+
+	/**
+	 * Set custom tenant-IDs to be used when querying / writing to the database.
+	 * <p>
+	 * Overwrites the existing set.
+	 *
+	 * @param id the tenant-ID to use
+	 * @return an instance of this builder to provide a fluent interface
+	 */
+	@SuppressWarnings("unchecked")
+	public R tenant(final Long... ids) {
+		tenantIds = new HashSet<>(Arrays.asList(ids));
+		return (R) this;
+	}
+
+	/**
+	 * Set a custom tenant-ID that is retrieved from the given context to be used
+	 * when querying the database.
+	 * <p>
+	 * Overwrites the existing set.
+	 *
+	 * @param ctx the context that contains the tenant-ID to use
+	 * @return an instance of this builder to provide a fluent interface
+	 */
+	@SuppressWarnings("unchecked")
+	public R tenant(final Context ctx) {
+		tenantIds = (Set<Long>) ctx.getAttribute(Attribute.USER_TENANTS_READ_SET);
+		writeTenantIds = (Set<Long>) ctx.getAttribute(Attribute.USER_TENANTS_WRITE_SET);
+		return (R) this;
+	}
 }

Diff for: src/main/java/info/unterrainer/commons/httpserver/daos/CoreDao.java

@@ -1,20 +1,24 @@
 package info.unterrainer.commons.httpserver.daos;
 
+import java.util.Set;
+
 import info.unterrainer.commons.httpserver.jsons.ListJson;
 import info.unterrainer.commons.rdbutils.entities.BasicJpa;
 
 public interface CoreDao<P extends BasicJpa, E> {
 
+	TenantData getTenantData();
+
 	DaoTransactionManager<E> getTransactionManager();
 
-	P create(E manager, P mappedJpa);
+	P create(E manager, P mappedJpa, final Set<Long> tenantIds);
 
-	P getById(E manager, Long id);
+	P getById(E manager, Long id, final Set<Long> tenantIds);
 
 	ListJson<P> getList(E manager, Long offset, Long size, String selectClause, String joinClause, String whereClause,
-			ParamMap params, String orderByClause);
+			ParamMap params, String orderByClause, final Set<Long> tenantIds);
 
-	void delete(E manager, Long id);
+	void delete(E manager, Long id, final Set<Long> tenantIds);
 
-	P update(E manager, P mappedJpa);
+	P update(E manager, P mappedJpa, final Set<Long> tenantIds);
 }

Diff for: src/main/java/info/unterrainer/commons/httpserver/daos/JpqlCoreDao.java

@@ -1,6 +1,7 @@
 package info.unterrainer.commons.httpserver.daos;
 
 import java.time.LocalDateTime;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
@@ -25,6 +26,8 @@ public class JpqlCoreDao<P extends BasicJpa> implements CoreDao<P, EntityManager
 	protected final Class<P> type;
 	@Getter
 	protected JpqlTransactionManager transactionManager;
+	@Getter
+	protected TenantData tenantData;
 
 	public JpqlCoreDao(final EntityManagerFactory emf, final Class<P> type) {
 		super();
@@ -34,64 +37,75 @@ public JpqlCoreDao(final EntityManagerFactory emf, final Class<P> type) {
 	}
 
 	@Override
-	public P create(final EntityManager em, final P entity) {
+	public P create(final EntityManager em, final P entity, final Set<Long> tenantIds) {
 		LocalDateTime time = DateUtils.nowUtc();
+
+		if (hasTenantData())create entries...
+
 		entity.setCreatedOn(time);
 		entity.setEditedOn(time);
 		em.persist(entity);
 		return entity;
 	}
 
 	@Override
-	public void delete(final EntityManager em, final Long id) {
-		em.createQuery(String.format("DELETE FROM %s AS o WHERE o.id = :id", type.getSimpleName()))
-				.setParameter("id", id)
-				.executeUpdate();
+	public void delete(final EntityManager em, final Long id, final Set<Long> tenantIds) {
+		Map<String, Object> params = new HashMap<>();
+		params.put("id", id);
+		params = addTenantParams(params, tenantIds);
+		Query query = em.createQuery(
+				String.format("DELETE FROM %s AS o " + addTenantJoin(null) + " WHERE " + addTenantWhere("o.id = :id"),
+						type.getSimpleName()));
+		for (Entry<String, Object> entry : params.entrySet())
+			query.setParameter(entry.getKey(), entry.getValue());
+		query.executeUpdate();
 	}
 
 	@Override
-	public P getById(final EntityManager em, final Long id) {
+	public P getById(final EntityManager em, final Long id, final Set<Long> tenantIds) {
 		try {
-			return getQuery(em, "o", null, "o.id = :id", Map.of("id", id), type, null, false, null).getSingleResult();
+			return getQuery(em, "o", null, "o.id = :id", Map.of("id", id), type, null, false, null, tenantIds)
+					.getSingleResult();
 		} catch (NoResultException e) {
 			return null;
 		}
 	}
 
 	@Override
 	public ListJson<P> getList(final EntityManager em, final Long offset, final Long size, final String selectClause,
-			final String joinClause, final String whereClause, final ParamMap params, final String orderByClause) {
+			final String joinClause, final String whereClause, final ParamMap params, final String orderByClause,
+			final Set<Long> tenantIds) {
 		ListJson<P> r = new ListJson<>();
-		r.setEntries(
-				getList(em,
-						getQuery(em, selectClause, joinClause, whereClause,
-								params == null ? null : params.getParameters(), type, orderByClause, false, null),
-						offset, size));
+		r.setEntries(getList(em, getQuery(em, selectClause, joinClause, whereClause,
+				params == null ? null : params.getParameters(), type, orderByClause, false, null, tenantIds), offset,
+				size));
 		r.setCount((Long) getCountQuery(em, selectClause, joinClause, whereClause,
-				params == null ? null : params.getParameters(), null).getSingleResult());
+				params == null ? null : params.getParameters(), null, tenantIds).getSingleResult());
 		return r;
 	}
 
 	@Override
-	public P update(final EntityManager em, final P entity) {
+	public P update(final EntityManager em, final P entity, final Set<Long> tenantIds) {
 		LocalDateTime time = DateUtils.nowUtc();
 		entity.setEditedOn(time);
 		return em.merge(entity);
 	}
 
-	<T> TypedQuery<T> getQuery(final EntityManager em, final String selectClause, final String joinClause,
-			final String whereClause, final Map<String, Object> params, final Class<T> type, final String orderBy,
-			final boolean lockPessimistic, final Set<AsyncState> asyncStates) {
+	<T> TypedQuery<T> getQuery(final EntityManager em, final String selectClause, String joinClause, String whereClause,
+			Map<String, Object> params, final Class<T> type, final String orderBy, final boolean lockPessimistic,
+			final Set<AsyncState> asyncStates, final Set<Long> tenantIds) {
 		String query = "SELECT ";
 		if (selectClause == null || selectClause.isBlank())
 			query += "o";
 		else
 			query += selectClause;
 		query += " FROM %s AS o";
 
+		joinClause = addTenantJoin(joinClause);
 		if (joinClause != null && !joinClause.isBlank())
 			query += " " + joinClause;
 
+		whereClause = addTenantWhere(whereClause);
 		query += buildWhereClause(whereClause, asyncStates);
 
 		if (orderBy == null)
@@ -110,20 +124,25 @@ else if (!orderBy.isBlank())
 		if (lockPessimistic)
 			q.setLockMode(LockModeType.PESSIMISTIC_WRITE);
 		q = addAsyncStatesParamsToQuery(asyncStates, q);
+
+		params = addTenantParams(params, tenantIds);
 		if (params != null)
 			for (Entry<String, Object> e : params.entrySet())
 				q.setParameter(e.getKey(), e.getValue());
 		return q;
 	}
 
-	<T> TypedQuery<T> getDeleteQuery(final EntityManager em, final String joinClause, final String whereClause,
-			final Map<String, Object> params) {
+	<T> TypedQuery<T> getDeleteQuery(final EntityManager em, String joinClause, String whereClause,
+			Map<String, Object> params, final Set<Long> tenantIds) {
 		String query = "DELETE FROM  %s AS o";
 
+		joinClause = addTenantJoin(joinClause);
 		if (joinClause != null && !joinClause.isBlank())
 			query += " " + joinClause;
 
+		whereClause = addTenantWhere(whereClause);
 		query += buildWhereClause(whereClause, null);
+		params = addTenantParams(params, tenantIds);
 
 		query = String.format(query, this.type.getSimpleName());
 
@@ -137,17 +156,22 @@ <T> TypedQuery<T> getDeleteQuery(final EntityManager em, final String joinClause
 		return q;
 	}
 
-	Query getCountQuery(final EntityManager em, final String selectClause, final String joinClause,
-			final String whereClause, final Map<String, Object> params, final Set<AsyncState> asyncStates) {
+	Query getCountQuery(final EntityManager em, final String selectClause, String joinClause, String whereClause,
+			Map<String, Object> params, final Set<AsyncState> asyncStates, final Set<Long> tenantIds) {
 		String query = "SELECT COUNT(";
 		if (selectClause == null || selectClause.isBlank())
 			query += "o.id";
 		else
 			query += selectClause;
 		query += ") FROM %s AS o";
+
+		joinClause = addTenantJoin(joinClause);
 		if (joinClause != null && !joinClause.isBlank())
 			query += " " + joinClause;
+
+		whereClause = addTenantWhere(whereClause);
 		query += buildWhereClause(whereClause, asyncStates);
+		params = addTenantParams(params, tenantIds);
 
 		Query q = em.createQuery(String.format(query, this.type.getSimpleName()));
 
@@ -170,18 +194,52 @@ <T> List<T> getList(final EntityManager em, final TypedQuery<T> query, final lon
 		return query.getResultList();
 	}
 
-	private boolean isAllowed(final EntityManager em, final TenantData tenantData) {
-		TypedQuery<Long> query = getQuery(em, "o.id",
-				"RIGHT JOIN " + tenantData.getJpa().getClass().getSimpleName() + " tenantTable on o.id = tenantTable."
-						+ tenantData.getReferenceField(),
-				"tenantTable." + tenantData.getReferenceField() + " IS NULL OR tenantTable." + tenantData.getIdField()
-						+ " = :tenantId",
-				null, Long.class, null, false, null);
+	private boolean isAllowed(final EntityManager em, final Set<Long> tenantIds) {
+		if (!hasTenantData() || tenantIds == null || tenantIds.contains(null))
+			return true;
+		TypedQuery<Long> query = getQuery(em, "o.id", null, null, null, Long.class, null, false, null, tenantIds);
 		query.setMaxResults(1);
 		List<Long> list = query.getResultList();
 		return list != null && list.size() > 0;
 	}
 
+	private String addTenantJoin(final String joinClause) {
+		if (!hasTenantData())
+			return joinClause;
+
+		String r = joinClause;
+		if (joinClause == null || joinClause.isBlank())
+			r = "";
+
+		r += String.format(" LEFT JOIN %s tenantTable on o.id = tenantTable.%s", tenantData.getType().getSimpleName(),
+				tenantData.getReferenceField());
+		return r;
+	}
+
+	private String addTenantWhere(final String whereClause) {
+		if (!hasTenantData())
+			return whereClause;
+
+		String r = "";
+		if (whereClause != null && !whereClause.isBlank())
+			r = "( " + whereClause + ") AND ";
+
+		r += String.format("( tenantTable.%1$s IS NULL OR tenantTable.%1$s IN (:tenantIds) )", tenantData.getIdField());
+		return r;
+	}
+
+	private Map<String, Object> addTenantParams(final Map<String, Object> map, final Set<Long> tenantIds) {
+		if (!hasTenantData() || tenantIds.isEmpty())
+			return map;
+		map.put("tenantIds", tenantIds);
+		return map;
+	}
+
+	private boolean hasTenantData() {
+		return tenantData != null && tenantData.getType() != null && tenantData.getReferenceField() != null
+				&& tenantData.getIdField() != null;
+	}
+
 	private boolean isSet(final String str) {
 		return str != null && !str.isBlank();
 	}