Project:
View Revisions: Issue #38137 | [ All Revisions ] [ Back to Issue ] | ||
Summary | 0038137: EntityAccessChecker.initialize is not using bind-variables | ||
Revision | 2018-03-14 17:27 by shuehner | ||
Description | This code is not using bind-variables: final String tafQryStr = "select ta from " + TableAccess.class.getName() + " ta where role.id='" + getRoleId() + "'"; @SuppressWarnings("unchecked") final List<TableAccess> tas = SessionHandler.getInstance().createQuery(tafQryStr).list(); // and take into account explicit process access final String processAccessQryStr = "select p.obuiappProcess.id from " + ProcessAccess.class.getName() + " p where p.role.id='" + getRoleId() + "'"; |
||
Revision | 2018-03-14 16:46 by shuehner | ||
Description | This code is not using bind-variables: final String tafQryStr = "select ta from " + TableAccess.class.getName() + " ta where role.id='" + getRoleId() + "'"; @SuppressWarnings("unchecked") final List<TableAccess> tas = SessionHandler.getInstance().createQuery(tafQryStr).list(); |
Copyright © 2000 - 2009 MantisBT Group |