|
1
6
7 package org.manentia.kasai.authobject;
8
9 import com.koala.commons.log.Log;
10 import com.koala.commons.persistence.DBUtil;
11 import java.sql.*;
12 import java.util.ArrayList  ;
13 import java.util.Arrays ;
14 import java.util.Collection ;
15 import java.util.logging.Level ;
16 import org.apache.commons.lang.StringUtils;
17 import org.apache.commons.lang.exception.ExceptionUtils;
18 import org.manentia.kasai.AuthObject;
19 import org.manentia.kasai.Group;
20 import org.manentia.kasai.ObjectGroupRole;
21 import org.manentia.kasai.ObjectUserRole;
22 import org.manentia.kasai.Operative;
23 import org.manentia.kasai.Role;
24 import org.manentia.kasai.User;
25 import org.manentia.kasai.exceptions.AlreadyExistsException;
26 import org.manentia.kasai.exceptions.DataAccessException;
27 import org.manentia.kasai.exceptions.DoesntExistsException;
28 import org.manentia.kasai.exceptions.InvalidAttributesException;
29 import org.manentia.kasai.group.GroupHandler;
30 import org.manentia.kasai.role.RoleHandler;
31 import org.manentia.kasai.user.UserHandler;
32 import org.manentia.kasai.util.Constants;
33
34
38 public class JDBCMySQLAuthObjectDAO implements AuthObjectDAO {
39
40
41 public JDBCMySQLAuthObjectDAO() {
42 }
43
44 public void copyPermissionsFromObject (String sourceObject, String destinationObject) throws DoesntExistsException,DataAccessException{
45
46 Connection con = null;
47 String sql;
48 PreparedStatement stmt = null;
49
50 try{
51 if ((StringUtils.isNotEmpty(sourceObject)) && (StringUtils.isNotEmpty(destinationObject))){
52 if (this.read(destinationObject) == null){
53 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "copyPermissionsFromObject", "Object doesn't exist",Level.WARNING);
54 throw new DoesntExistsException(AuthObject.class.getName() + ".objectDoesntExist");
55 }
56
57 if (this.read(destinationObject) == null){
58 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "copyPermissionsFromObject", "Object doesn't exist",Level.WARNING);
59 throw new DoesntExistsException(AuthObject.class.getName() + ".objectDoesntExist");
60 }
61
62 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
63
64 sql = "REPLACE INTO kasai_objects_users_roles (id_object,id_user,id_role) SELECT '"+destinationObject+"',id_user,id_role FROM kasai_objects_users_roles WHERE id_object='" + sourceObject + "'";
65 con.createStatement().executeUpdate(sql);
66
67 sql = "REPLACE INTO kasai_objects_groups_roles (id_object,id_group,id_role) SELECT '"+destinationObject+"',id_group,id_role FROM kasai_objects_groups_roles WHERE id_object='" + sourceObject + "'";
68 con.createStatement().executeUpdate(sql);
69
70 }
71 }catch (SQLException sqle){
72 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "copyPermissionsFromObject", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
73 throw new DataAccessException(sqle);
74 }finally{
75 try{
76 con.close();
77 }catch(Exception e){}
78 }
79 }
80
81 public void create(String object) throws DataAccessException{
82
83 Connection con = null;
84 String sql;
85 if (StringUtils.isNotEmpty(object)){
86 if (this.read(object) == null){
87 try{
88 sql = "INSERT INTO kasai_objects (id) values ('" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "')";
89 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
90 con.createStatement().executeUpdate(sql);
91 }catch (SQLException sqle){
92 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "create", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
93 throw new DataAccessException(sqle);
94 }finally{
95 try{
96 con.close();
97 }catch(Exception e){}
98 }
99 }
100 }
101 }
102
103 public void createObjectGroupRole(String object, String group, int role) throws DoesntExistsException,DataAccessException{
104
105 Connection con = null;
106 String sql;
107
108 try{
109 if ((StringUtils.isNotEmpty(object)) && (StringUtils.isNotEmpty(group))){
110 if (GroupHandler.getInstance().read(group) == null){
111 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "Group doesn't exist",Level.WARNING);
112 throw new DoesntExistsException(Group.class.getName() + ".groupDoesntExist");
113 }
114 if (RoleHandler.getInstance().read(role) == null){
115 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "Role doesn't exist",Level.WARNING);
116 throw new DoesntExistsException(Role.class.getName() + ".roleDoesntExist");
117 }
118 if (this.read(object) == null){
119 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "Object doesn't exist",Level.WARNING);
120 throw new DoesntExistsException(AuthObject.class.getName() + ".objectDoesntExist");
121 }
122
123 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
124 sql = "SELECT id from kasai_objects_groups_roles WHERE id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "' AND id_group='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(group) + "' AND id_role=" + role;
125 if (!con.createStatement().executeQuery(sql).next()){
126 sql = "INSERT INTO kasai_objects_groups_roles (id_object,id_group,id_role) values ('" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "','" + org.apache.commons.lang.StringEscapeUtils.escapeSql(group) + "'," + role + ")";
127 con.createStatement().executeUpdate(sql);
128 }
129 }
130 }catch (SQLException sqle){
131 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "createObjectGroupRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
132 throw new DataAccessException(sqle);
133 }finally{
134 try{
135 con.close();
136 }catch(Exception e){}
137 }
138 }
139
140 public void createObjectUserRole(String object, String login, int role) throws DoesntExistsException,DataAccessException{
141
142 Connection con = null;
143 String sql;
144
145 try{
146 if ((StringUtils.isNotEmpty(object)) && (StringUtils.isNotEmpty(login))){
147 if (UserHandler.getInstance().read(login,true) == null){
148 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "User doesn't exist",Level.WARNING);
149 throw new DoesntExistsException(User.class.getName() + ".userDoesntExist");
150 }
151 if (RoleHandler.getInstance().read(role) == null){
152 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "Role doesn't exist",Level.WARNING);
153 throw new DoesntExistsException(Role.class.getName() + ".roleDoesntExist");
154 }
155 if (this.read(object) == null){
156 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "apply", "Object doesn't exist",Level.WARNING);
157 throw new DoesntExistsException(AuthObject.class.getName() + ".objectDoesntExist");
158 }
159 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
160 sql = "SELECT id from kasai_objects_users_roles WHERE id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "' AND id_user='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(login) + "' AND id_role=" + role;
161 if (!con.createStatement().executeQuery(sql).next()){
162 sql = "INSERT INTO kasai_objects_users_roles (id_object,id_user,id_role) values ('" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "','" + org.apache.commons.lang.StringEscapeUtils.escapeSql(login) + "'," + role + ")";
163 con.createStatement().executeUpdate(sql);
164 }
165 }
166 }catch (SQLException sqle){
167 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "createObjectUserRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
168 throw new DataAccessException(sqle);
169 }finally{
170 try{
171 con.close();
172 }catch(Exception e){}
173 }
174 }
175
176 public void delete(String object) throws DataAccessException{
177 Connection con = null;
178 String sql;
179 try{
180 if (StringUtils.isNotEmpty(object)){
181
182 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
183
184 sql = "DELETE FROM kasai_objects WHERE id='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "'";
185 con.createStatement().executeUpdate(sql);
186 }
187 }catch (SQLException sqle){
188 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "delete", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
189 throw new DataAccessException(sqle);
190 }finally{
191 try{
192 con.close();
193 }catch(Exception e){}
194 }
195
196 }
197
198 public void deleteObjectGroupRole(int id) throws DataAccessException{
199 Connection con = null;
200 try{
201 String sql = "delete from kasai_objects_groups_roles where id=" + id;
202 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
203 con.createStatement().executeUpdate(sql);
204 }catch (SQLException sqle){
205 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "deleteObjectGroupRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
206 throw new DataAccessException(sqle);
207 }finally{
208 try{
209 con.close();
210 }catch(Exception e){}
211 }
212 }
213
214 public void deleteObjectUserRole(int id) throws DataAccessException{
215 Connection con = null;
216 try{
217 String sql = "DELETE FROM kasai_objects_users_roles WHERE id=" + id;
218 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
219 con.createStatement().executeUpdate(sql);
220 }catch (SQLException sqle){
221 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "deleteObjectUserRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
222 throw new DataAccessException(sqle);
223 }finally{
224 try{
225 con.close();
226 }catch(Exception e){}
227 }
228 }
229
230 public void deleteObjectUserRole(String login, String object, int role) throws DataAccessException{
231 Connection con = null;
232 try{
233 String sql = "DELETE FROM kasai_objects_users_roles WHERE id_user='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(login) + "' AND id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) +"' AND id_role=" + role;
234 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
235 con.createStatement().executeUpdate(sql);
236 }catch (SQLException sqle){
237 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "deleteObjectUserRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
238 throw new DataAccessException(sqle);
239 }finally{
240 try{
241 con.close();
242 }catch(Exception e){}
243 }
244 }
245
246 public void deleteObjectUserRole(String login, String object) throws DataAccessException{
247 Connection con = null;
248 try{
249 String sql = "DELETE FROM kasai_objects_users_roles WHERE id_user='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(login) + "' AND id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) +"'";
250 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
251 con.createStatement().executeUpdate(sql);
252 }catch (SQLException sqle){
253 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "deleteObjectUserRole", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
254 throw new DataAccessException(sqle);
255 }finally{
256 try{
257 con.close();
258 }catch(Exception e){}
259 }
260 }
261
262 public Collection listObjectGroupsRoles(String object) throws DataAccessException{
263 Connection con = null;
264 String sql;
265 ResultSet rs = null;
266 ObjectGroupRole ogr = null;
267 ArrayList ogrs = new ArrayList ();
268 if(StringUtils.isNotEmpty(object)){
269 try{
270
271 sql = "SELECT AOGR.*,AR.name as role_name FROM kasai_objects_groups_roles AOGR,kasai_roles AR " +
272 "WHERE AOGR.id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "' and AR.id=AOGR.id_role";
273
274 sql += " order by AOGR.id_group ";
275 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
276 rs = con.createStatement().executeQuery(sql);
277 while (rs.next()){
278 ogr = new ObjectGroupRole (rs);
279 ogrs.add(ogr);
280 }
281 }catch (SQLException sqle){
282 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "listObjectGroupsRoles", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
283 throw new DataAccessException(sqle);
284 }finally{
285 try{
286 rs.close();
287 }catch(Exception e){}
288 try{
289 con.close();
290 }catch(Exception e){}
291 }
292 }
293 return ogrs;
294 }
295
296 public Collection listObjectUsersRoles(String object) throws DataAccessException{
297 Connection con = null;
298 String sql;
299 ResultSet rs = null;
300 ObjectUserRole our = null;
301 ArrayList ours = new ArrayList ();
302 if(StringUtils.isNotEmpty(object)){
303 try{
304
305 sql = "SELECT AOUR.*,AR.name as role_name FROM kasai_objects_users_roles AOUR,kasai_roles AR " +
306 "WHERE AOUR.id_object='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(object) + "' and AR.id=AOUR.id_role";
307
308 sql += " order by AOUR.id_user ";
309 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
310 rs = con.createStatement().executeQuery(sql);
311 while (rs.next()){
312 our = new ObjectUserRole (rs);
313 ours.add(our);
314 }
315 }catch (SQLException sqle){
316 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "listObjectUsersRoles", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
317 throw new DataAccessException(sqle);
318 }finally{
319 try{
320 rs.close();
321 }catch(Exception e){}
322 try{
323 con.close();
324 }catch(Exception e){}
325 }
326 }
327 return ours;
328 }
329
330 public AuthObject read(String id) throws DataAccessException{
331 Connection con = null;
332 String sql;
333 ResultSet rs = null;
334 AuthObject o = null;
335 try{
336 if (StringUtils.isNotEmpty(id)){
337 sql = "SELECT * FROM kasai_objects WHERE id='" + org.apache.commons.lang.StringEscapeUtils.escapeSql(id) + "'";
338 con = DBUtil.getConnection(Constants.DATABASE_SOURCE, Constants.PROPERTY_FILE);
339 rs = con.createStatement().executeQuery(sql);
340 if (rs.next()){
341 o = new AuthObject (rs);
342 }
343 }
344 return o;
345 }catch (SQLException sqle){
346 Log.getInstance(Constants.PROPERTY_FILE).write (this.getClass().getName(), "read", ExceptionUtils.getStackTrace(sqle),Level.SEVERE);
347 throw new DataAccessException(sqle);
348 }finally{
349 try{
350 rs.close();
351 }catch(Exception e){}
352 try{
353 con.close();
354 }catch(Exception e){}
355 }
356
357 }
358 }
359 |
Popular Tags |
Java API By Example, From Geeks To Geeks.