001: /*
002: * Copyright (c) JForum Team
003: * All rights reserved.
004: *
005: * Redistribution and use in source and binary forms,
006: * with or without modification, are permitted provided
007: * that the following conditions are met:
008: *
009: * 1) Redistributions of source code must retain the above
010: * copyright notice, this list of conditions and the
011: * following disclaimer.
012: * 2) Redistributions in binary form must reproduce the
013: * above copyright notice, this list of conditions and
014: * the following disclaimer in the documentation and/or
015: * other materials provided with the distribution.
016: * 3) Neither the name of "Rafael Steil" nor
017: * the names of its contributors may be used to endorse
018: * or promote products derived from this software without
019: * specific prior written permission.
020: *
021: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT
022: * HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
023: * EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
024: * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
025: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR
026: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
027: * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
028: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
029: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES
030: * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
031: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
032: * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
033: * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
034: * IN CONTRACT, STRICT LIABILITY, OR TORT
035: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
036: * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
037: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
038: *
039: * This file creation date: 19/03/2004 - 18:44:56
040: * The JForum Project
041: * http://www.jforum.net
042: */
043: package net.jforum.dao.generic.security;
044:
045: import java.sql.PreparedStatement;
046: import java.sql.ResultSet;
047: import java.sql.SQLException;
048: import java.util.ArrayList;
049: import java.util.Arrays;
050: import java.util.Iterator;
051: import java.util.List;
052:
053: import net.jforum.JForumExecutionContext;
054: import net.jforum.dao.GroupSecurityDAO;
055: import net.jforum.dao.generic.AutoKeys;
056: import net.jforum.entities.Group;
057: import net.jforum.entities.User;
058: import net.jforum.exceptions.DatabaseException;
059: import net.jforum.repository.RolesRepository;
060: import net.jforum.security.Role;
061: import net.jforum.security.RoleCollection;
062: import net.jforum.security.RoleValue;
063: import net.jforum.security.RoleValueCollection;
064: import net.jforum.util.DbUtils;
065: import net.jforum.util.preferences.SystemGlobals;
066:
067: import org.apache.commons.lang.StringUtils;
068:
069: /**
070: * @author Rafael Steil
071: * @version $Id: GenericGroupSecurityDAO.java,v 1.16 2007/08/25 00:11:29 rafaelsteil Exp $
072: */
073: public class GenericGroupSecurityDAO extends AutoKeys implements
074: GroupSecurityDAO {
075: private List selectForumRoles(int forumId) {
076: List l = new ArrayList();
077:
078: PreparedStatement p = null;
079: ResultSet rs = null;
080:
081: try {
082: p = JForumExecutionContext
083: .getConnection()
084: .prepareStatement(
085: SystemGlobals
086: .getSql("PermissionControl.selectForumRoles"));
087: p.setString(1, String.valueOf(forumId));
088:
089: rs = p.executeQuery();
090:
091: while (rs.next()) {
092: l.add(new Integer(rs.getInt("role_id")));
093: }
094: } catch (SQLException e) {
095: throw new DatabaseException(e);
096: } finally {
097: DbUtils.close(rs, p);
098: }
099:
100: return l;
101: }
102:
103: public void deleteForumRoles(int forumId) {
104: PreparedStatement p = null;
105:
106: List roleIds = this .selectForumRoles(forumId);
107:
108: try {
109: StringBuffer ids = new StringBuffer();
110:
111: for (Iterator iterator = roleIds.iterator(); iterator
112: .hasNext();) {
113: Integer id = (Integer) iterator.next();
114: ids.append(id).append(',');
115: }
116:
117: ids.append("-1");
118:
119: // Role values
120: String sql = SystemGlobals
121: .getSql("PermissionControl.deleteRoleValues");
122: sql = StringUtils.replace(sql, "#IDS#", ids.toString());
123:
124: p = JForumExecutionContext.getConnection()
125: .prepareStatement(sql);
126: p.setString(1, String.valueOf(forumId));
127: p.executeUpdate();
128: } catch (SQLException e) {
129: throw new DatabaseException(e);
130: } finally {
131: DbUtils.close(p);
132: }
133: }
134:
135: /**
136: * @see net.jforum.dao.security.SecurityDAO#deleteAllRoles(int)
137: */
138: public void deleteAllRoles(int groupId) {
139: PreparedStatement p = null;
140:
141: try {
142: p = JForumExecutionContext
143: .getConnection()
144: .prepareStatement(
145: SystemGlobals
146: .getSql("PermissionControl.deleteAllRoleValues"));
147: p.setInt(1, groupId);
148: p.executeUpdate();
149: p.close();
150:
151: p = JForumExecutionContext
152: .getConnection()
153: .prepareStatement(
154: SystemGlobals
155: .getSql("PermissionControl.deleteAllGroupRoles"));
156: p.setInt(1, groupId);
157: p.executeUpdate();
158: } catch (SQLException e) {
159: throw new DatabaseException(e);
160: } finally {
161: DbUtils.close(p);
162: }
163: }
164:
165: /**
166: * @see net.jforum.dao.security.SecurityDAO#addRole(int, net.jforum.security.Role)
167: */
168: public void addRole(int id, Role role) {
169: this .addRole(id, role, null);
170: }
171:
172: /**
173: * @see net.jforum.dao.security.SecurityDAO#addRole(int, net.jforum.security.Role,
174: * net.jforum.security.RoleValueCollection)
175: */
176: public void addRole(int id, Role role,
177: RoleValueCollection roleValues) {
178: this .setAutoGeneratedKeysQuery(SystemGlobals
179: .getSql("PermissionControl.lastGeneratedRoleId"));
180: SecurityCommon.executeAddRole(SystemGlobals
181: .getSql("PermissionControl.addGroupRole"), id, role,
182: roleValues, this .supportAutoGeneratedKeys(), this
183: .getAutoGeneratedKeysQuery());
184: }
185:
186: /**
187: * @see net.jforum.dao.security.SecurityDAO#loadRoles(int)
188: */
189: public RoleCollection loadRoles(int groupId) {
190: return this .loadRoles(new int[] { groupId });
191: }
192:
193: protected RoleCollection loadRoles(int[] groupIds) {
194: String sql = SystemGlobals
195: .getSql("PermissionControl.loadGroupRoles");
196: String groupIdAsString = SecurityCommon
197: .groupIdAsString(groupIds);
198:
199: if ("".equals(groupIdAsString)) {
200: // We suppose there is no "negative" group ids
201: sql = sql.replaceAll("#IN#", "-1");
202: } else {
203: sql = sql.replaceAll("#IN#", groupIdAsString);
204: }
205:
206: RoleCollection roles = new RoleCollection();
207:
208: PreparedStatement p = null;
209: ResultSet rs = null;
210:
211: try {
212: p = JForumExecutionContext.getConnection()
213: .prepareStatement(sql);
214: rs = p.executeQuery();
215:
216: roles = SecurityCommon.loadRoles(rs);
217: } catch (Exception e) {
218: throw new DatabaseException(e);
219: } finally {
220: DbUtils.close(rs, p);
221: }
222:
223: return roles;
224: }
225:
226: /**
227: * @see net.jforum.dao.GroupSecurityDAO#addRoleValue(int, net.jforum.security.Role, net.jforum.security.RoleValueCollection)
228: */
229: public void addRoleValue(int groupId, Role role,
230: RoleValueCollection rvc) {
231: PreparedStatement p = null;
232: ResultSet rs = null;
233:
234: try {
235: p = JForumExecutionContext
236: .getConnection()
237: .prepareStatement(
238: SystemGlobals
239: .getSql("PermissionControl.getRoleIdByName"));
240: p.setString(1, role.getName());
241: p.setInt(2, groupId);
242:
243: int roleId = -1;
244:
245: rs = p.executeQuery();
246: if (rs.next()) {
247: roleId = rs.getInt("role_id");
248: }
249:
250: rs.close();
251: rs = null;
252: p.close();
253: p = null;
254:
255: if (roleId == -1) {
256: this .addRole(groupId, role, rvc);
257: } else {
258: p = JForumExecutionContext
259: .getConnection()
260: .prepareStatement(
261: SystemGlobals
262: .getSql("PermissionControl.addRoleValues"));
263: p.setInt(1, roleId);
264:
265: for (Iterator iter = rvc.iterator(); iter.hasNext();) {
266: RoleValue rv = (RoleValue) iter.next();
267: p.setString(2, rv.getValue());
268: p.executeUpdate();
269: }
270: }
271: } catch (SQLException e) {
272: throw new DatabaseException(e);
273: } finally {
274: DbUtils.close(rs, p);
275: }
276: }
277:
278: /**
279: * @see net.jforum.dao.GroupSecurityDAO#loadRolesByUserGroups(net.jforum.entities.User)
280: */
281: public RoleCollection loadRolesByUserGroups(User user) {
282: List groups = user.getGroupsList();
283:
284: // When the user is associated to more than one group, we
285: // should check the merged roles
286: int[] groupIds = this .getSortedGroupIds(groups);
287:
288: RoleCollection groupRoles = RolesRepository
289: .getGroupRoles(groupIds);
290:
291: // Not cached yet? then do it now
292: if (groupRoles == null) {
293: groupRoles = this .loadRoles(groupIds);
294: RolesRepository.addGroupRoles(groupIds, groupRoles);
295: }
296:
297: return groupRoles;
298: }
299:
300: private int[] getSortedGroupIds(List groups) {
301: int[] groupsIds = new int[groups.size()];
302: int i = 0;
303:
304: for (Iterator iter = groups.iterator(); iter.hasNext();) {
305: groupsIds[i++] = ((Group) iter.next()).getId();
306: }
307:
308: Arrays.sort(groupsIds);
309:
310: return groupsIds;
311: }
312: }
|