Java tutorial
/* * * Copyright 2013 Entando S.r.l. (http://www.entando.com) All rights reserved. * * This file is part of Entando software. * Entando is a free software; * You can redistribute it and/or modify it * under the terms of the GNU General Public License (GPL) as published by the Free Software Foundation; version 2. * * See the file License for the specific language governing permissions * and limitations under the License * * * * Copyright 2013 Entando S.r.l. (http://www.entando.com) All rights reserved. * */ package com.agiletec.aps.system.services.authorization; import com.agiletec.aps.system.common.AbstractSearcherDAO; import com.agiletec.aps.system.common.FieldSearchFilter; import com.agiletec.aps.system.services.group.Group; import com.agiletec.aps.system.services.role.Role; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.Types; import java.util.ArrayList; import java.util.List; import java.util.Map; import org.apache.commons.collections.CollectionUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * @author E.Santoboni */ public class AuthorizationDAO extends AbstractSearcherDAO implements IAuthorizationDAO { private static final Logger _logger = LoggerFactory.getLogger(AuthorizationDAO.class); @Override public void addUserAuthorization(String username, Authorization authorization) { if (null == authorization || null == username) return; String groupName = (null != authorization.getGroup()) ? authorization.getGroup().getName() : null; String roleName = (null != authorization.getRole()) ? authorization.getRole().getName() : null; super.executeQueryWithoutResultset(ADD_AUTHORIZATION, username, groupName, roleName); } @Override public void addUserAuthorizations(String username, List<Authorization> authorizations) { this.addUpdateUserAuthorizations(username, authorizations, false); } @Override public void updateUserAuthorizations(String username, List<Authorization> authorizations) { this.addUpdateUserAuthorizations(username, authorizations, true); } protected void addUpdateUserAuthorizations(String username, List<Authorization> authorizations, boolean update) { Connection conn = null; try { conn = this.getConnection(); conn.setAutoCommit(false); if (update) { super.executeQueryWithoutResultset(conn, DELETE_USER_AUTHORIZATIONS, username); } this.addUserAuthorizations(username, authorizations, conn); conn.commit(); } catch (Throwable t) { this.executeRollback(conn); _logger.error("Error detected while addind user authorizations", t); throw new RuntimeException("Error detected while addind user authorizations", t); } finally { this.closeConnection(conn); } } protected void addUserAuthorizations(String username, List<Authorization> authorizations, Connection conn) { PreparedStatement stat = null; try { stat = conn.prepareStatement(ADD_AUTHORIZATION); for (int i = 0; i < authorizations.size(); i++) { Authorization auth = authorizations.get(i); if (null == auth) continue; stat.setString(1, username); if (null != auth.getGroup()) { stat.setString(2, auth.getGroup().getName()); } else { stat.setNull(2, Types.VARCHAR); } if (null != auth.getRole()) { stat.setString(3, auth.getRole().getName()); } else { stat.setNull(3, Types.VARCHAR); } stat.addBatch(); stat.clearParameters(); } stat.executeBatch(); } catch (Throwable t) { _logger.error("Error detected while addind user authorizations", t); throw new RuntimeException("Error detected while addind user authorizations", t); } finally { this.closeDaoResources(null, stat); } } @Override public void deleteUserAuthorization(String username, String groupname, String rolename) { super.executeQueryWithoutResultset(DELETE_AUTHORIZATION, username, groupname, rolename); } @Override public List<Authorization> getUserAuthorizations(String username, Map<String, Group> groups, Map<String, Role> roles) { Connection conn = null; List<Authorization> authorizations = new ArrayList<Authorization>(); PreparedStatement stat = null; ResultSet res = null; try { conn = this.getConnection(); stat = conn.prepareStatement(GET_USER_AUTHORIZATIONS); stat.setString(1, username); res = stat.executeQuery(); while (res.next()) { String groupname = res.getString(1); Group group = (null != groupname) ? groups.get(groupname) : null; String rolename = res.getString(2); Role role = (null != rolename) ? roles.get(rolename) : null; Authorization authorization = new Authorization(group, role); if (!authorizations.contains(authorization)) { authorizations.add(authorization); } } } catch (Throwable t) { _logger.error("Error loading user authorization", t); throw new RuntimeException("Error loading user authorization", t); } finally { closeDaoResources(res, stat, conn); } return authorizations; } @Override public void deleteUserAuthorizations(String username) { super.executeQueryWithoutResultset(DELETE_USER_AUTHORIZATIONS, username); } @Override public List<String> getUsersByAuthorities(List<String> groupNames, List<String> roleNames) { FieldSearchFilter[] filters = {}; if (CollectionUtils.isNotEmpty(groupNames)) { FieldSearchFilter filter = new FieldSearchFilter("groupname", groupNames, false); filters = super.addFilter(filters, filter); } if (CollectionUtils.isNotEmpty(roleNames)) { FieldSearchFilter filter = new FieldSearchFilter("rolename", roleNames, false); filters = super.addFilter(filters, filter); } return super.searchId(filters); } @Override protected String getTableFieldName(String metadataFieldKey) { return metadataFieldKey; } @Override protected String getMasterTableName() { return "authusergrouprole"; } @Override protected String getMasterTableIdFieldName() { return "username"; } private final String ADD_AUTHORIZATION = "INSERT INTO authusergrouprole(username, groupname, rolename) VALUES ( ? , ? , ? )"; private final String DELETE_USER_AUTHORIZATIONS = "DELETE FROM authusergrouprole WHERE username = ?"; private final String DELETE_AUTHORIZATION = DELETE_USER_AUTHORIZATIONS + " AND groupname = ? AND rolename = ? "; private final String GET_USER_AUTHORIZATIONS = "SELECT groupname, rolename FROM authusergrouprole WHERE username = ? "; }