Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Revisions: Issue #38137 All Revisions ] Back to Issue ]
Summary 0038137: EntityAccessChecker.initialize is not using bind-variables
Revision 2018-03-14 17:27 by shuehner
Description This code is not using bind-variables:

      final String tafQryStr = "select ta from " + TableAccess.class.getName()
          + " ta where role.id='" + getRoleId() + "'";
      @SuppressWarnings("unchecked")
      final List<TableAccess> tas = SessionHandler.getInstance().createQuery(tafQryStr).list();

      // and take into account explicit process access
      final String processAccessQryStr = "select p.obuiappProcess.id from "
          + ProcessAccess.class.getName() + " p where p.role.id='" + getRoleId() + "'";
Revision 2018-03-14 16:46 by shuehner
Description This code is not using bind-variables:

      final String tafQryStr = "select ta from " + TableAccess.class.getName()
          + " ta where role.id='" + getRoleId() + "'";
      @SuppressWarnings("unchecked")
      final List<TableAccess> tas = SessionHandler.getInstance().createQuery(tafQryStr).list();


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker