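package net.killingar.forum.internal.managers;

import net.killingar.forum.internal.AccessDeniedException;
import net.killingar.forum.internal.Todo;

import java.sql.*;
import java.util.ArrayList;

/**
 * Reads and writes rows of the {@code Todos} table on behalf of the acting user.
 *
 * <p>The acting user is whatever {@code manager.getUserID()} returns; every
 * operation here is meant to be limited to that user's own rows. Ownership is
 * enforced inside the SQL statement wherever a row is modified, so the check does
 * not depend on values supplied by the caller.
 *
 * <p>All statements use bound parameters. The values involved are numeric
 * primitives, so this is consistency and defence in depth rather than a fix for
 * an injectable query.
 */
public class TodoManager extends AbstractManager implements java.io.Serializable
{
    /**
     * Loads a single todo item by its ID.
     *
     * @param ID primary key of the todo item
     * @return the item, or {@code null} when no row has that ID
     * @throws SQLException on database failure
     * @throws AccessDeniedException when the row belongs to another user
     */
    public Todo getTodo(long ID) throws SQLException, AccessDeniedException
    {
        Todo r = null;

        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            c = getNewConnection();
            statement = c.prepareStatement(
                "select User, Priority, Type, Message, Time from Todos where ID = ?");
            statement.setLong(1, ID);

            result = statement.executeQuery();

            if (result.next())
            {
                r = new Todo(
                    ID,
                    result.getLong(1),
                    result.getInt(2),
                    result.getInt(3),
                    result.getString(4),
                    result.getDate(5));

                // The owner comes from the database row, not from the caller,
                // so this check cannot be bypassed by crafting the argument.
                if (r.ownerID != manager.getUserID())
                    throw new AccessDeniedException("attempt to read others todos");
            }
        }
        finally { closeAll(c, statement, result); }

        return r;
    }

    /**
     * Lists the acting user's todo items of one type.
     *
     * @param type value matched against the {@code Type} column
     * @return the matching items; an empty array when there are none
     * @throws SQLException on database failure
     */
    public Todo[] getTodos(int type) throws SQLException
    {
        Todo r[] = null;

        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            // Read the acting user once so the query filter and the returned
            // objects are guaranteed to carry the same owner.
            long userID = manager.getUserID();

            c = getNewConnection();
            statement = c.prepareStatement(
                "select ID, Priority, Type, Message, Time from Todos where User = ? AND Type = ?");
            statement.setLong(1, userID);
            statement.setInt(2, type);

            result = statement.executeQuery();

            ArrayList v = new ArrayList();
            while (result.next())
            {
                v.add(new Todo(
                    result.getLong(1),
                    userID,
                    result.getInt(2),
                    result.getInt(3),
                    result.getString(4),
                    result.getDate(5)));
            }

            r = new Todo[v.size()];
            v.toArray(r);
        }
        finally { closeAll(c, statement, result); }

        return r;
    }

    /**
     * Inserts a new todo item owned by the acting user.
     *
     * <p>The owner is always taken from {@code manager.getUserID()};
     * {@code todo.ownerID} and {@code todo.ID} are ignored. The timestamp is set
     * by the database ({@code NOW()}).
     *
     * @param todo supplies priority, type and message
     * @throws SQLException on database failure
     * @throws AccessDeniedException declared for callers; not thrown by the code visible here
     */
    public void addTodo(Todo todo) throws SQLException, AccessDeniedException
    {
        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            c = getNewConnection();
            statement = c.prepareStatement(
                "insert into Todos (User, Priority, Type, Message, Time) values(?, ?, ?, ?, NOW())");
            statement.setLong(1, manager.getUserID());
            statement.setInt(2, todo.priority);
            statement.setInt(3, todo.type);
            statement.setString(4, todo.message);

            statement.executeUpdate();
        }
        finally { closeAll(c, statement, result); }
    }

    /**
     * Deletes one of the acting user's todo items.
     *
     * @param ID primary key of the todo item
     * @throws RuntimeException when no row has that ID
     * @throws SQLException on database failure
     * @throws AccessDeniedException when the row belongs to another user
     */
    public void removeTodo(long ID) throws SQLException, AccessDeniedException
    {
        Todo t = getTodo(ID);
        if (t == null)
            throw new RuntimeException("no todo item with id "+ID+" found");

        long userID = manager.getUserID();
        if (t.ownerID != userID)
            throw new AccessDeniedException("attempt to remove another users todo");

        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            c = getNewConnection();

            // The lookup above and this delete run on separate connections, so
            // the owner is repeated in the WHERE clause: the delete itself can
            // then never touch a row that is not the acting user's.
            statement = c.prepareStatement("delete from Todos where ID = ? AND User = ?");
            statement.setLong(1, ID);
            statement.setLong(2, userID);

            statement.executeUpdate();
        }
        finally { closeAll(c, statement, result); }
    }

    /**
     * Updates priority, type and message of one of the acting user's todo items.
     *
     * <p>{@code todo.ownerID} is supplied by the caller, so the in-memory check
     * on it is only a fast rejection. The authoritative check is the
     * {@code User = ?} condition in the UPDATE, which compares the stored owner
     * of row {@code todo.ID} with the acting user. Without it, an object carrying
     * the caller's own user ID and another user's todo ID would pass the
     * in-memory check and overwrite that other row.
     *
     * <p>If the row does not exist or is owned by someone else the statement
     * matches nothing and the method returns normally, as it did before for a
     * missing row.
     *
     * @param todo carries the row ID and the new values
     * @throws SQLException on database failure
     * @throws AccessDeniedException when {@code todo.ownerID} is not the acting user
     */
    public void changeTodo(Todo todo) throws SQLException, AccessDeniedException
    {
        long userID = manager.getUserID();
        if (todo.ownerID != userID)
            throw new AccessDeniedException("attempt to change others todos");

        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            c = getNewConnection();
            statement = c.prepareStatement(
                "update Todos set Priority = ?, Type = ?, Message = ? where ID = ? AND User = ?");
            statement.setInt(1, todo.priority);
            statement.setInt(2, todo.type);
            statement.setString(3, todo.message);
            statement.setLong(4, todo.ID);
            statement.setLong(5, userID);

            statement.executeUpdate();
        }
        finally { closeAll(c, statement, result); }
    }

    /**
     * Reports whether the acting user has at least one todo item with
     * {@code Type = 1}.
     *
     * <p>NOTE(review): type 1 presumably means "urgent", going by the method
     * name; confirm against the Todo type constants.
     *
     * @param userID must equal the acting user's ID
     * @return {@code true} when at least one such row exists
     * @throws SQLException on database failure
     * @throws AccessDeniedException when {@code userID} is not the acting user
     */
    public boolean hasUrgentStuffTodo(long userID) throws SQLException, AccessDeniedException
    {
        if (userID != manager.getUserID())
            throw new AccessDeniedException("attempt to get data on other users todo");

        Connection c = null;
        PreparedStatement statement = null;
        ResultSet result = null;

        try
        {
            c = getNewConnection();
            statement = c.prepareStatement(
                "select count(*) > 0 from Todos where User = ? AND Type = 1");
            statement.setLong(1, userID);

            result = statement.executeQuery();

            // The query yields a single row holding 1 or 0.
            return result.next() && result.getInt(1) != 0;
        }
        finally { closeAll(c, statement, result); }
    }
}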