KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > jforum > dao > generic > security > SecurityCommon


1 /*
2  * Copyright (c) 2003, Rafael Steil
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms,
6  * with or without modification, are permitted provided
7  * that the following conditions are met:
8  *
9  * 1) Redistributions of source code must retain the above
10  * copyright notice, this list of conditions and the
11  * following disclaimer.
12  * 2) Redistributions in binary form must reproduce the
13  * above copyright notice, this list of conditions and
14  * the following disclaimer in the documentation and/or
15  * other materials provided with the distribution.
16  * 3) Neither the name of "Rafael Steil" nor
17  * the names of its contributors may be used to endorse
18  * or promote products derived from this software without
19  * specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT
22  * HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
23  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
24  * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
25  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
27  * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
28  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
29  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES
30  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
32  * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
33  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
34  * IN CONTRACT, STRICT LIABILITY, OR TORT
35  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
36  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
37  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
38  *
39  * This file creation date: 19/03/2004 - 18:45:54
40  * The JForum Project
41  * http://www.jforum.net
42  */

43 package net.jforum.dao.generic.security;
44
45 import java.sql.PreparedStatement JavaDoc;
46 import java.sql.ResultSet JavaDoc;
47 import java.sql.SQLException JavaDoc;
48 import java.sql.Statement JavaDoc;
49 import java.util.Iterator JavaDoc;
50
51 import net.jforum.JForumExecutionContext;
52 import net.jforum.security.PermissionControl;
53 import net.jforum.security.Role;
54 import net.jforum.security.RoleCollection;
55 import net.jforum.security.RoleValue;
56 import net.jforum.security.RoleValueCollection;
57 import net.jforum.util.preferences.SystemGlobals;
58
59 /**
60  * @author Rafael Steil
61  * @version $Id: SecurityCommon.java,v 1.5 2006/01/29 15:06:30 rafaelsteil Exp $
62  */

63 public class SecurityCommon
64 {
65     /**
66      * Execute the <i>add role</i> thing.
67      * As the SQL statement to insert user and group roles are diferent, they cannot be
68      * manipuled with a 'generic' statement, and is for this reason that <code>addRole</code>
69      * method is marked abstract. <br>
70      * The only job the <code>addRole</code> method should do is to get the correct SQL
71      * statement for each case - user or group - and the repass it to this method, who
72      * then do the job for us.
73      *
74      * @param sql The SQL statement to be executed.
75      * @param id The ID do insert. May be user's or group's id, depending of the situation ( the caller )
76      * @param roleName The role name to insert
77      * @param roleValues A <code>RoleValueCollection</code> collection containing the role values to
78      * insert. If none is wanted, just pass null as argument.
79      * @param supportAutoGeneratedKeys Set to <code>true</code> if <i>Statement.RETURN_GENERATED_KEYS</i> is
80      * supported by the Driver, or <code>false</code> if not.
81      * @throws Exception
82      */

83     public static void executeAddRole(String JavaDoc sql, int id, Role role, RoleValueCollection roleValues,
84             boolean supportAutoGeneratedKeys, String JavaDoc autoKeysQuery) throws Exception JavaDoc
85     {
86         PreparedStatement JavaDoc p;
87     
88         if (supportAutoGeneratedKeys) {
89             p = JForumExecutionContext.getConnection().prepareStatement(sql, Statement.RETURN_GENERATED_KEYS);
90         }
91         else {
92             p = JForumExecutionContext.getConnection().prepareStatement(sql);
93         }
94         
95         p.setInt(1, id);
96         p.setString(2, role.getName());
97         p.setInt(3, role.getType());
98         
99         p.executeUpdate();
100         
101         if (roleValues != null) {
102             int roleId = -1;
103             
104             if (supportAutoGeneratedKeys) {
105                 ResultSet JavaDoc rs = p.getGeneratedKeys();
106                 rs.next();
107                 roleId = rs.getInt(1);
108                 rs.close();
109             }
110             else {
111                 p = JForumExecutionContext.getConnection().prepareStatement(autoKeysQuery);
112                 ResultSet JavaDoc rs = p.executeQuery();
113                 if (rs.next()) {
114                     roleId = rs.getInt(1);
115                 }
116                 rs.close();
117             }
118             
119             if (roleId == -1) {
120                 p.close();
121                 throw new SQLException JavaDoc("Could not obtain the latest role id");
122             }
123             
124             p = JForumExecutionContext.getConnection().prepareStatement(SystemGlobals.getSql("PermissionControl.addRoleValues"));
125             
126             for (Iterator JavaDoc iter = roleValues.iterator(); iter.hasNext(); ) {
127                 RoleValue rv = (RoleValue)iter.next();
128                 
129                 p.setInt(1, roleId);
130                 p.setString(2, rv.getValue());
131                 p.setInt(3, rv.getType());
132                 
133                 p.executeUpdate();
134             }
135         }
136         
137         p.close();
138     }
139     
140     /**
141      * See {@link PermissionControl#executeAddRole(String, int, String, RoleValueCollection)} for explanation
142      * about this method. The working way is the same.
143      *
144      * @param sql The SQL statement to execute
145      * @param id The ID do insert. May be user's or group's id, depending of the situation ( the caller )
146      * @return A <code>RoleCollection</code> collection with the roles processed.
147      * @throws Exception
148      */

149     public static RoleCollection processLoadRoles(String JavaDoc sql, int id) throws Exception JavaDoc
150     {
151         RoleCollection rc = new RoleCollection();
152         
153         PreparedStatement JavaDoc p = JForumExecutionContext.getConnection().prepareStatement(sql);
154         p.setInt(1, id);
155         
156         Role r = null;
157         int lastId = -1;
158         
159         ResultSet JavaDoc rs = p.executeQuery();
160         while (rs.next()) {
161             if (rs.getInt("role_id") != lastId) {
162                 if (r != null) {
163                     rc.add(r);
164                 }
165
166                 r = new Role();
167
168                 r.setGroupId(id);
169                 r.setName(rs.getString("name"));
170                 r.setType(rs.getInt("role_type"));
171                 r.setId(rs.getInt("role_id"));
172                 
173                 lastId = r.getId();
174             }
175             
176             if (rs.getString("role_value") != null) {
177                 RoleValue rv = new RoleValue();
178                 rv.setRoleId(r.getId());
179                 rv.setType(rs.getInt("rv_type"));
180                 rv.setValue(rs.getString("role_value"));
181                 
182                 r.getValues().add(rv);
183             }
184         }
185         
186         if (r != null) {
187             rc.add(r);
188         }
189         
190         rs.close();
191         p.close();
192         
193         return rc;
194     }
195 }
196
Popular Tags