001: /*
002: * Copyright 2007 Pentaho Corporation. All rights reserved.
003: * This software was developed by Pentaho Corporation and is provided under the terms
004: * of the Mozilla Public License, Version 1.1, or any later version. You may not use
005: * this file except in compliance with the license. If you need a copy of the license,
006: * please go to http://www.mozilla.org/MPL/MPL-1.1.txt. The Original Code is the Pentaho
007: * BI Platform. The Initial Developer is Pentaho Corporation.
008: *
009: * Software distributed under the Mozilla Public License is distributed on an "AS IS"
010: * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. Please refer to
011: * the license for the specific language governing your rights and limitations.
012: */
013: package com.pentaho.security.jdbc;
014:
015: import java.sql.ResultSet;
016: import java.sql.SQLException;
017: import java.sql.Types;
018: import java.util.List;
019:
020: import javax.sql.DataSource;
021:
022: import org.acegisecurity.GrantedAuthority;
023: import org.acegisecurity.GrantedAuthorityImpl;
024: import org.acegisecurity.userdetails.UserDetails;
025: import org.acegisecurity.userdetails.UserDetailsService;
026: import org.acegisecurity.userdetails.UsernameNotFoundException;
027: import org.springframework.context.ApplicationContextException;
028: import org.springframework.dao.DataAccessException;
029: import org.springframework.jdbc.core.SqlParameter;
030: import org.springframework.jdbc.core.support.JdbcDaoSupport;
031: import org.springframework.jdbc.object.MappingSqlQuery;
032:
033: import com.pentaho.security.UserRoleListService;
034:
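/**
 * JDBC-backed {@link UserRoleListService}. Lists all authorities, all
 * usernames and the usernames holding a given authority by running three
 * configurable SQL statements, and delegates per-user authority lookup to a
 * {@link UserDetailsService}.
 *
 * <p>
 * The query objects are built and compiled in {@link #initMappingSqlQueries()},
 * which {@link #initDao()} calls. Each query object copies its SQL string when
 * it is constructed, so the {@code set...Query} methods must be called before
 * initialisation; a later call changes the stored string but not the query
 * object already compiled.
 *
 * <p>
 * The SQL strings are handed to the database as given. They are configuration,
 * not data: supply them from trusted deployment configuration only and never
 * assemble them from request or user input. The only run-time value, the
 * authority name in the users-in-role query, is bound as a VARCHAR parameter.
 */
public class JdbcUserRoleListService extends JdbcDaoSupport implements
        UserRoleListService {

    // ~ Static fields/initializers
    // =============================================

    /** Default query returning every distinct authority name. */
    public static final String DEF_ALL_AUTHORITIES_QUERY = "SELECT distinct(authority) as authority FROM authorities"; //$NON-NLS-1$

    /** Default query returning every distinct username. */
    public static final String DEF_ALL_USERNAMES_QUERY = "SELECT distinct(username) as username FROM users"; //$NON-NLS-1$

    /** Default query returning the usernames that hold one authority; takes a single bound parameter. */
    public static final String DEF_ALL_USERNAMES_IN_ROLE_QUERY = "SELECT distinct(username) as username FROM authorities where authority = ?"; //$NON-NLS-1$

    // ~ Instance fields
    // ========================================================

    protected MappingSqlQuery allAuthoritiesMapping;

    protected MappingSqlQuery allUsernamesMapping;

    protected MappingSqlQuery allUsernamesInRoleMapping;

    private String allAuthoritiesQuery;

    private String allUsernamesQuery;

    private String allUsernamesInRoleQuery;

    private UserDetailsService userDetailsService;

    // Prepended to every authority name produced by AllAuthoritiesMapping; null means no prefix.
    private String rolePrefix;

    // ~ Constructors
    // ===========================================================

    /**
     * Creates the service with the three default queries.
     *
     * @param userDetailsService
     *            service used by {@link #getAuthoritiesForUser(String)}; not
     *            checked for null here
     */
    public JdbcUserRoleListService(
            final UserDetailsService userDetailsService) {
        allAuthoritiesQuery = DEF_ALL_AUTHORITIES_QUERY;
        allUsernamesQuery = DEF_ALL_USERNAMES_QUERY;
        allUsernamesInRoleQuery = DEF_ALL_USERNAMES_IN_ROLE_QUERY;
        this.userDetailsService = userDetailsService;
    }

    // ~ Methods
    // ================================================================

    /**
     * Allows the default query string used to retrieve all authorities to be
     * overridden, if default table or column names need to be changed. The
     * default query is {@link #DEF_ALL_AUTHORITIES_QUERY}. The row mapper
     * reads the first column of each row by position, so a replacement query
     * must return the authority name in column 1.
     *
     * <p>
     * The string is executed as given: set it from trusted configuration
     * only, and before the DAO is initialised.
     *
     * @param queryString
     *            The query string to set
     */
    public void setAllAuthoritiesQuery(String queryString) {
        allAuthoritiesQuery = queryString;
    }

    /**
     * @return the SQL currently configured for listing all authorities
     */
    public String getAllAuthoritiesQuery() {
        return allAuthoritiesQuery;
    }

    /**
     * Allows the default query string used to retrieve all user names in a role
     * to be overridden, if default table or column names need to be changed. The
     * default query is {@link #DEF_ALL_USERNAMES_IN_ROLE_QUERY}. The row
     * mapper reads the first column of each row by position, so a replacement
     * query must return the username in column 1.
     *
     * <p>
     * The query object declares exactly one VARCHAR parameter for the
     * authority name, so a replacement must keep a single {@code ?}
     * placeholder rather than embedding the role in the SQL text. The string
     * is executed as given: set it from trusted configuration only, and
     * before the DAO is initialised.
     *
     * @param queryString
     *            The query string to set
     */
    public void setAllUsernamesInRoleQuery(String queryString) {
        allUsernamesInRoleQuery = queryString;
    }

    /**
     * @return the SQL currently configured for listing the users in a role
     */
    public String getAllUsernamesInRoleQuery() {
        return allUsernamesInRoleQuery;
    }

    /**
     * Allows the default query string used to retrieve all user names to be
     * overridden, if default table or column names need to be changed. The
     * default query is {@link #DEF_ALL_USERNAMES_QUERY}. The row mapper reads
     * the first column of each row by position, so a replacement query must
     * return the username in column 1.
     *
     * <p>
     * The string is executed as given: set it from trusted configuration
     * only, and before the DAO is initialised.
     *
     * @param queryString
     *            The query string to set
     */
    public void setAllUsernamesQuery(String queryString) {
        allUsernamesQuery = queryString;
    }

    /**
     * @return the SQL currently configured for listing all usernames
     */
    public String getAllUsernamesQuery() {
        return allUsernamesQuery;
    }

    /**
     * Returns every authority produced by the all-authorities query.
     *
     * @return the authorities, or an empty array when the query returns no
     *         rows; never null
     * @throws DataAccessException
     *             if the query fails
     */
    public GrantedAuthority[] getAllAuthorities()
            throws DataAccessException {
        List rows = allAuthoritiesMapping.execute();
        // toArray already yields an empty array for an empty list, so no
        // separate empty-result branch is needed.
        return (GrantedAuthority[]) rows
                .toArray(new GrantedAuthority[rows.size()]);
    }

    /**
     * Returns every username produced by the all-usernames query.
     *
     * @return the usernames, or an empty array when the query returns no
     *         rows; never null
     * @throws DataAccessException
     *             if the query fails
     */
    public String[] getAllUsernames() throws DataAccessException {
        return toStringArray(allUsernamesMapping.execute());
    }

    /**
     * Returns the usernames that hold the given authority. The authority name
     * is passed to the query as a bound parameter.
     *
     * @param authority
     *            the authority to look up; must not be null
     * @return the usernames, or an empty array when none match; never null
     */
    public String[] getUsernamesInRole(GrantedAuthority authority) {
        // NOTE(review): AllAuthoritiesMapping prepends rolePrefix to the names
        // it returns, but the name is sent to the database unchanged here. An
        // authority obtained from getAllAuthorities() with a non-empty prefix
        // would therefore not match the stored value - confirm what callers
        // pass before relying on this with a prefix configured.
        return toStringArray(allUsernamesInRoleMapping.execute(authority
                .getAuthority()));
    }

    /**
     * Copies a list of mapped rows into a String array.
     */
    private static String[] toStringArray(List names) {
        return (String[]) names.toArray(new String[names.size()]);
    }

    /**
     * Initialisation hook: builds the query objects from the configured SQL.
     */
    protected void initDao() throws ApplicationContextException {
        initMappingSqlQueries();
    }

    /**
     * Extension point to allow other MappingSqlQuery objects to be substituted
     * in a subclass
     */
    protected void initMappingSqlQueries() {
        this.allAuthoritiesMapping = new AllAuthoritiesMapping(
                getDataSource());
        this.allUsernamesInRoleMapping = new AllUserNamesInRoleMapping(
                getDataSource());
        this.allUsernamesMapping = new AllUserNamesMapping(
                getDataSource());
    }

    // ~ Inner Classes
    // ==========================================================

    /**
     * Query object to look up all users.
     */
    protected class AllUserNamesMapping extends MappingSqlQuery {
        protected AllUserNamesMapping(DataSource ds) {
            // The SQL is read from the enclosing instance at construction time.
            super(ds, allUsernamesQuery);
            compile();
        }

        /** Maps a row to the String in its first column. */
        protected Object mapRow(ResultSet rs, int rownum)
                throws SQLException {
            return rs.getString(1);
        }
    }

    /**
     * Query object to look up users in a role.
     */
    protected class AllUserNamesInRoleMapping extends MappingSqlQuery {
        protected AllUserNamesInRoleMapping(DataSource ds) {
            // The SQL is read from the enclosing instance at construction time.
            super(ds, allUsernamesInRoleQuery);
            // Single bound parameter: the authority name.
            declareParameter(new SqlParameter(Types.VARCHAR));
            compile();
        }

        /** Maps a row to the String in its first column. */
        protected Object mapRow(ResultSet rs, int rownum)
                throws SQLException {
            return rs.getString(1);
        }
    }

    /**
     * Query object to look up all authorities.
     */
    protected class AllAuthoritiesMapping extends MappingSqlQuery {
        protected AllAuthoritiesMapping(DataSource ds) {
            // The SQL is read from the enclosing instance at construction time.
            super(ds, allAuthoritiesQuery);
            compile();
        }

        /**
         * Maps a row to a GrantedAuthorityImpl named by the first column,
         * with the configured role prefix (if any) prepended.
         */
        protected Object mapRow(ResultSet rs, int rownum)
                throws SQLException {
            return new GrantedAuthorityImpl(
                    ((null != rolePrefix) ? rolePrefix : "") + rs.getString(1)); //$NON-NLS-1$
        }
    }

    /**
     * Returns the authorities of one user as reported by the configured
     * {@link UserDetailsService}; no query of this class is involved.
     *
     * @param userName
     *            the user to look up
     * @return whatever {@code UserDetails.getAuthorities()} returns for that
     *         user
     * @throws UsernameNotFoundException
     *             propagated from the user details service
     * @throws DataAccessException
     *             propagated from the user details service
     */
    public GrantedAuthority[] getAuthoritiesForUser(
            final String userName) throws UsernameNotFoundException,
            DataAccessException {
        UserDetails user = userDetailsService
                .loadUserByUsername(userName);
        return user.getAuthorities();
    }

    /**
     * Sets the prefix prepended to authority names returned by
     * {@link #getAllAuthorities()}.
     *
     * @param rolePrefix
     *            the prefix, or null for none
     */
    public void setRolePrefix(String rolePrefix) {
        this.rolePrefix = rolePrefix;
    }

    /**
     * Replaces the service used by {@link #getAuthoritiesForUser(String)}.
     *
     * @param userDetailsService
     *            the user details service to delegate to
     */
    public void setUserDetailsService(
            UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

}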