0001: /* Copyright 2001 The JA-SIG Collaborative. All rights reserved.
0002: * See license distributed with this file and
0003: * available online at http://www.uportal.org/license.html
0004: */
0005:
0006: package org.jasig.portal;
0007:
0008: import java.sql.Connection;
0009: import java.sql.PreparedStatement;
0010: import java.sql.ResultSet;
0011: import java.sql.SQLException;
0012: import java.sql.Statement;
0013: import java.util.Collections;
0014: import java.util.HashMap;
0015: import java.util.Iterator;
0016: import java.util.Map;
0017:
0018: import org.apache.commons.logging.Log;
0019: import org.apache.commons.logging.LogFactory;
0020: import org.jasig.portal.groups.IEntityGroup;
0021: import org.jasig.portal.groups.IGroupMember;
0022: import org.jasig.portal.groups.ILockableEntityGroup;
0023: import org.jasig.portal.properties.PropertiesManager;
0024: import org.jasig.portal.security.IPerson;
0025: import org.jasig.portal.security.PersonFactory;
0026: import org.jasig.portal.services.GroupService;
0027: import org.jasig.portal.utils.CounterStoreFactory;
0028:
0029: /**
0030: * SQL implementation for managing creation and removal of User Portal Data
0031: * @author Susan Bramhall, Yale University (modify by Julien Marchal, University Nancy 2; Eric Dalquist - edalquist@unicon.net)
0032: * @version $Revision: 36798 $
0033: */
0034: public class RDBMUserIdentityStore implements IUserIdentityStore {
0035:
0036: private static final Log log = LogFactory
0037: .getLog(RDBMUserIdentityStore.class);
0038:
0039: //*********************************************************************
0040: // Constants
0041: private static final String defaultTemplateUserName = PropertiesManager
0042: .getProperty("org.jasig.portal.services.Authentication.defaultTemplateUserName");
0043: private static final String templateAttrName = "uPortalTemplateUserName";
0044: private static final int guestUID = 1;
0045: static int DEBUG = 0;
0046: private static final Map userLocks = Collections
0047: .synchronizedMap(new HashMap());
0048:
0049: private static synchronized Object getLock(IPerson person) {
0050: String username = (String) person
0051: .getAttribute(IPerson.USERNAME);
0052: Object lock = userLocks.get(username);
0053: if (lock == null) {
0054: lock = new Object();
0055: userLocks.put(username, lock);
0056: }
0057: return lock;
0058: }
0059:
0060: private static synchronized void removeLock(IPerson person) {
0061: String username = (String) person
0062: .getAttribute(IPerson.USERNAME);
0063: userLocks.remove(username);
0064: }
0065:
0066: /**
0067: * getuPortalUID - return a unique uPortal key for a user.
0068: * calls alternate signature with createPortalData set to false.
0069: * @param person the person object
0070: * @return uPortalUID number
0071: * @throws Exception if no user is found.
0072: */
0073: public int getPortalUID(IPerson person) throws Exception {
0074: int uPortalUID = -1;
0075: uPortalUID = this .getPortalUID(person, false);
0076: return uPortalUID;
0077: }
0078:
0079: /**
0080: *
0081: * removeuPortalUID
0082: * @param uPortalUID integer key to uPortal data for a user
0083: * @throws SQLException exception if a sql error is encountered
0084: */
0085: public void removePortalUID(int uPortalUID) throws Exception {
0086: Connection con = RDBMServices.getConnection();
0087: java.sql.PreparedStatement ps = null;
0088: Statement stmt = null;
0089: ResultSet rs = null;
0090:
0091: try {
0092: stmt = con.createStatement();
0093: if (RDBMServices.getDbMetaData().supportsTransactions())
0094: con.setAutoCommit(false);
0095:
0096: // START of Addition after bug declaration (bug id 1516)
0097: // Permissions delete
0098: // must be made before delete user in UP_USER
0099: rs = stmt
0100: .executeQuery("SELECT USER_NAME FROM UP_USER WHERE USER_ID="
0101: + uPortalUID);
0102: String name = "";
0103: if (rs.next())
0104: name = rs.getString(1);
0105: rs.close();
0106: rs = stmt
0107: .executeQuery("SELECT ENTITY_TYPE_ID FROM UP_ENTITY_TYPE WHERE ENTITY_TYPE_NAME = 'org.jasig.portal.security.IPerson'");
0108: int type = -1;
0109: if (rs.next())
0110: type = rs.getInt(1);
0111: rs.close();
0112: rs = null;
0113: String SQLDelete = "DELETE FROM UP_PERMISSION WHERE PRINCIPAL_KEY='"
0114: + name + "' AND PRINCIPAL_TYPE=" + type;
0115: if (log.isDebugEnabled())
0116: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0117: + SQLDelete);
0118: stmt.executeUpdate(SQLDelete);
0119:
0120: rs = stmt
0121: .executeQuery("SELECT M.GROUP_ID "
0122: + "FROM UP_GROUP_MEMBERSHIP M, UP_GROUP G, UP_ENTITY_TYPE E "
0123: + "WHERE M.GROUP_ID = G.GROUP_ID "
0124: + " AND G.ENTITY_TYPE_ID = E.ENTITY_TYPE_ID "
0125: + " AND E.ENTITY_TYPE_NAME = 'org.jasig.portal.security.IPerson'"
0126: + " AND M.MEMBER_KEY ='" + name
0127: + "' AND M.MEMBER_IS_GROUP = 'F'");
0128: java.util.Vector groups = new java.util.Vector();
0129: while (rs.next())
0130: groups.add(rs.getString(1));
0131: rs.close();
0132: rs = null;
0133:
0134: // Remove from local group
0135: // Delete from DeleteUser.java and place here
0136: // must be made before delete user in UP_USER
0137: ps = con
0138: .prepareStatement("DELETE FROM UP_GROUP_MEMBERSHIP WHERE MEMBER_KEY='"
0139: + name + "' AND GROUP_ID=?");
0140: for (int i = 0; i < groups.size(); i++) {
0141: String group = (String) groups.get(i);
0142: ps.setString(1, group);
0143: ps.executeUpdate();
0144: }
0145: if (ps != null)
0146: ps.close();
0147: // END of Addition after bug declaration (bug id 1516)
0148:
0149: SQLDelete = "DELETE FROM UP_USER WHERE USER_ID = "
0150: + uPortalUID;
0151: if (log.isDebugEnabled())
0152: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0153: + SQLDelete);
0154: stmt.executeUpdate(SQLDelete);
0155:
0156: SQLDelete = "DELETE FROM UP_USER_LAYOUT WHERE USER_ID = "
0157: + uPortalUID;
0158: if (log.isDebugEnabled())
0159: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0160: + SQLDelete);
0161: stmt.executeUpdate(SQLDelete);
0162:
0163: SQLDelete = "DELETE FROM UP_USER_PARAM WHERE USER_ID = "
0164: + uPortalUID;
0165: if (log.isDebugEnabled())
0166: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0167: + SQLDelete);
0168: stmt.executeUpdate(SQLDelete);
0169:
0170: SQLDelete = "DELETE FROM UP_USER_PROFILE WHERE USER_ID = "
0171: + uPortalUID;
0172: if (log.isDebugEnabled())
0173: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0174: + SQLDelete);
0175: stmt.executeUpdate(SQLDelete);
0176:
0177: SQLDelete = "DELETE FROM UP_USER_LAYOUT WHERE USER_ID = "
0178: + uPortalUID;
0179: if (log.isDebugEnabled())
0180: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0181: + SQLDelete);
0182: stmt.executeUpdate(SQLDelete);
0183:
0184: SQLDelete = "DELETE FROM UP_SS_USER_ATTS WHERE USER_ID = "
0185: + uPortalUID;
0186: if (log.isDebugEnabled())
0187: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0188: + SQLDelete);
0189: stmt.executeUpdate(SQLDelete);
0190:
0191: SQLDelete = "DELETE FROM UP_SS_USER_PARM WHERE USER_ID = "
0192: + uPortalUID;
0193: if (log.isDebugEnabled())
0194: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0195: + SQLDelete);
0196: stmt.executeUpdate(SQLDelete);
0197:
0198: SQLDelete = "DELETE FROM UP_LAYOUT_PARAM WHERE USER_ID = "
0199: + uPortalUID;
0200: if (log.isDebugEnabled())
0201: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0202: + SQLDelete);
0203: stmt.executeUpdate(SQLDelete);
0204:
0205: SQLDelete = "DELETE FROM UP_USER_UA_MAP WHERE USER_ID = "
0206: + uPortalUID;
0207: if (log.isDebugEnabled())
0208: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0209: + SQLDelete);
0210: stmt.executeUpdate(SQLDelete);
0211:
0212: SQLDelete = "DELETE FROM UP_LAYOUT_STRUCT WHERE USER_ID = "
0213: + uPortalUID;
0214: if (log.isDebugEnabled())
0215: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0216: + SQLDelete);
0217: stmt.executeUpdate(SQLDelete);
0218:
0219: // START of Addition after bug declaration (bug id 1516)
0220: SQLDelete = "DELETE FROM UP_USER_LOCALE WHERE USER_ID = "
0221: + uPortalUID;
0222: if (log.isDebugEnabled())
0223: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0224: + SQLDelete);
0225: stmt.executeUpdate(SQLDelete);
0226:
0227: SQLDelete = "DELETE FROM UP_USER_PROFILE_MDATA WHERE USER_ID = "
0228: + uPortalUID;
0229: if (log.isDebugEnabled())
0230: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0231: + SQLDelete);
0232: stmt.executeUpdate(SQLDelete);
0233:
0234: SQLDelete = "DELETE FROM UP_USER_PROFILE_LOCALE WHERE USER_ID = "
0235: + uPortalUID;
0236: if (log.isDebugEnabled())
0237: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0238: + SQLDelete);
0239: stmt.executeUpdate(SQLDelete);
0240:
0241: SQLDelete = "DELETE FROM UP_USER_LAYOUT_AGGR WHERE USER_ID = "
0242: + uPortalUID;
0243: if (log.isDebugEnabled())
0244: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0245: + SQLDelete);
0246: stmt.executeUpdate(SQLDelete);
0247:
0248: SQLDelete = "DELETE FROM UP_USER_LAYOUT_MDATA WHERE USER_ID = "
0249: + uPortalUID;
0250: if (log.isDebugEnabled())
0251: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0252: + SQLDelete);
0253: stmt.executeUpdate(SQLDelete);
0254:
0255: SQLDelete = "DELETE FROM UP_LAYOUT_STRUCT_AGGR WHERE USER_ID = "
0256: + uPortalUID;
0257: if (log.isDebugEnabled())
0258: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0259: + SQLDelete);
0260: stmt.executeUpdate(SQLDelete);
0261:
0262: SQLDelete = "DELETE FROM UP_LAYOUT_STRUCT_MDATA WHERE USER_ID = "
0263: + uPortalUID;
0264: if (log.isDebugEnabled())
0265: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0266: + SQLDelete);
0267: stmt.executeUpdate(SQLDelete);
0268:
0269: SQLDelete = "DELETE FROM UP_LAYOUT_RESTRICTIONS WHERE USER_ID = "
0270: + uPortalUID;
0271: if (log.isDebugEnabled())
0272: log.debug("RDBMUserIdentityStore::removePortalUID(): "
0273: + SQLDelete);
0274: stmt.executeUpdate(SQLDelete);
0275: // END of Addition after bug declaration (bug id 1516)
0276:
0277: if (RDBMServices.getDbMetaData().supportsTransactions())
0278: con.commit();
0279:
0280: try {
0281: IPortletPreferencesStore portletPrefStore = PortletPreferencesStoreFactory
0282: .getPortletPreferencesStoreImpl();
0283: portletPrefStore
0284: .deletePortletPreferencesByUser(uPortalUID);
0285: } catch (Exception e) {
0286: }
0287:
0288: } catch (SQLException se) {
0289: try {
0290: log.error("RDBMUserIdentityStore::removePortalUID(): "
0291: + se);
0292: if (RDBMServices.getDbMetaData().supportsTransactions())
0293: con.rollback();
0294: } catch (SQLException e) {
0295: log.error("RDBMUserIdentityStore::removePortalUID(): "
0296: + e);
0297: }
0298: if (DEBUG > 0) {
0299: System.err.println("SQLException: " + se.getMessage());
0300: System.err.println("SQLState: " + se.getSQLState());
0301: System.err.println("Message: " + se.getMessage());
0302: System.err.println("Vendor: " + se.getErrorCode());
0303: }
0304:
0305: throw se;
0306: } finally {
0307: RDBMServices.closeResultSet(rs);
0308: RDBMServices.closeStatement(stmt);
0309: RDBMServices.closeStatement(ps);
0310: RDBMServices.releaseConnection(con);
0311: }
0312: }
0313:
0314: /**
0315: * Return the username to be used for authorization (exit hook)
0316: * @param person
0317: * @return usernmae
0318: */
0319: public String getUsername(IPerson person) {
0320: return (String) person.getAttribute(IPerson.USERNAME);
0321: }
0322:
0323: /**
0324: * Get the portal user ID for this person object.
0325: * @param person
0326: * @param createPortalData indicating whether to try to create all uPortal data for this user from template prototype
0327: * @return uPortalUID number or -1 if unable to create user.
0328: * @throws AuthorizationException if createPortalData is false and no user is found
0329: * or if a sql error is encountered
0330: */
0331: public int getPortalUID(IPerson person, boolean createPortalData)
0332: throws AuthorizationException {
0333: int uid;
0334: String username = (String) person
0335: .getAttribute(IPerson.USERNAME);
0336:
0337: // only synchronize a non-guest request.
0338: if (PersonFactory.GUEST_USERNAME.equals(username)) {
0339: uid = __getPortalUID(person, createPortalData);
0340: } else {
0341: Object lock = getLock(person);
0342: synchronized (lock) {
0343: uid = __getPortalUID(person, createPortalData);
0344: }
0345: removeLock(person);
0346: }
0347: return uid;
0348: }
0349:
0350: private int __getPortalUID(IPerson person, boolean createPortalData)
0351: throws AuthorizationException {
0352: PortalUser portalUser = null;
0353:
0354: try {
0355: String userName = getUsername(person);
0356: String templateName = getTemplateName(person);
0357: portalUser = getPortalUser(userName);
0358:
0359: if (createPortalData) {
0360: //If we are allowed to modify the database
0361:
0362: if (portalUser != null) {
0363: //If the user has logged in we may have to update their template user information
0364:
0365: boolean hasSavedLayout = userHasSavedLayout(portalUser
0366: .getUserId());
0367: if (!hasSavedLayout) {
0368:
0369: TemplateUser templateUser = getTemplateUser(templateName);
0370: if (portalUser.getDefaultUserId() != templateUser
0371: .getUserId()) {
0372: //Update user data with new template user's data
0373: updateUser(portalUser.getUserId(), person,
0374: templateUser);
0375: }
0376: }
0377: } else {
0378: //User hasn't logged in before, some data needs to be created for them based on their template user
0379:
0380: // Retrieve the information for the template user
0381: TemplateUser templateUser = getTemplateUser(templateName);
0382: if (templateUser == null) {
0383: throw new AuthorizationException(
0384: "No information found for template user = "
0385: + templateName
0386: + ". Cannot create new account for "
0387: + userName);
0388: }
0389:
0390: // Get a new user ID for this user
0391: int newUID = CounterStoreFactory
0392: .getCounterStoreImpl()
0393: .getIncrementIntegerId("UP_USER");
0394:
0395: // Add new user to all appropriate tables
0396: int newPortalUID = addNewUser(newUID, person,
0397: templateUser);
0398: portalUser = new PortalUser();
0399: portalUser.setUserId(newPortalUID);
0400: }
0401: } else if (portalUser == null) {
0402: //If this is a new user and we can't create them
0403: throw new AuthorizationException(
0404: "No portal information exists for user "
0405: + userName);
0406: }
0407:
0408: } catch (Exception e) {
0409: log.error(e.getMessage(), e);
0410: throw new AuthorizationException(e);
0411: }
0412:
0413: return portalUser.getUserId();
0414: }
0415:
0416: static final protected void commit(Connection connection) {
0417: try {
0418: if (RDBMServices.getDbMetaData().supportsTransactions())
0419: connection.commit();
0420: } catch (Exception e) {
0421: log.error("RDBMUserIdentityStore::commit(): " + e);
0422: }
0423: }
0424:
0425: static final protected void rollback(Connection connection) {
0426: try {
0427: if (RDBMServices.getDbMetaData().supportsTransactions())
0428: connection.rollback();
0429: } catch (Exception e) {
0430: log.error("RDBMUserIdentityStore::rollback(): " + e);
0431: }
0432: }
0433:
0434: /**
0435: * Gets the PortalUser data store object for the specified user name.
0436: *
0437: * @param userName The user's name
0438: * @return A PortalUser object or null if the user doesn't exist.
0439: * @throws Exception
0440: */
0441: protected PortalUser getPortalUser(String userName)
0442: throws Exception {
0443: PortalUser portalUser = null;
0444:
0445: Connection con = null;
0446: try {
0447: con = RDBMServices.getConnection();
0448: PreparedStatement pstmt = null;
0449:
0450: try {
0451: String query = "SELECT USER_ID, USER_DFLT_USR_ID FROM UP_USER WHERE USER_NAME=?";
0452:
0453: pstmt = con.prepareStatement(query);
0454: pstmt.setString(1, userName);
0455:
0456: ResultSet rs = null;
0457: try {
0458: if (log.isDebugEnabled())
0459: log
0460: .debug("RDBMUserIdentityStore::getPortalUID(userName="
0461: + userName + "): " + query);
0462: rs = pstmt.executeQuery();
0463: if (rs.next()) {
0464: portalUser = new PortalUser();
0465: portalUser.setUserId(rs.getInt("USER_ID"));
0466: portalUser.setUserName(userName);
0467: portalUser.setDefaultUserId(rs
0468: .getInt("USER_DFLT_USR_ID"));
0469: }
0470: } finally {
0471: try {
0472: rs.close();
0473: } catch (Exception e) {
0474: }
0475: }
0476: } finally {
0477: try {
0478: pstmt.close();
0479: } catch (Exception e) {
0480: }
0481: }
0482: } finally {
0483: try {
0484: RDBMServices.releaseConnection(con);
0485: } catch (Exception e) {
0486: }
0487: }
0488:
0489: return portalUser;
0490: }
0491:
0492: protected String getTemplateName(IPerson person) {
0493: String templateName = (String) person
0494: .getAttribute(templateAttrName);
0495: // Just use the default template if requested template not populated
0496: if (templateName == null || templateName.equals("")) {
0497: templateName = defaultTemplateUserName;
0498: }
0499: return templateName;
0500: }
0501:
0502: /**
0503: * Gets the TemplateUser data store object for the specified template user name.
0504: *
0505: * @param templateUserName The template user's name
0506: * @return A TemplateUser object or null if the user doesn't exist.
0507: * @throws Exception
0508: */
0509: protected TemplateUser getTemplateUser(String templateUserName)
0510: throws Exception {
0511: TemplateUser templateUser = null;
0512:
0513: Connection con = null;
0514: try {
0515: con = RDBMServices.getConnection();
0516: PreparedStatement pstmt = null;
0517: try {
0518: String query = "SELECT USER_ID, USER_DFLT_LAY_ID FROM UP_USER WHERE USER_NAME=?";
0519:
0520: pstmt = con.prepareStatement(query);
0521: pstmt.setString(1, templateUserName);
0522:
0523: ResultSet rs = null;
0524: try {
0525: if (log.isDebugEnabled())
0526: log
0527: .debug("RDBMUserIdentityStore::getTemplateUser(templateUserName="
0528: + templateUserName
0529: + "): "
0530: + query);
0531: rs = pstmt.executeQuery();
0532: if (rs.next()) {
0533: templateUser = new TemplateUser();
0534: templateUser.setUserName(templateUserName);
0535: templateUser.setUserId(rs.getInt("USER_ID"));
0536: templateUser.setDefaultLayoutId(rs
0537: .getInt("USER_DFLT_LAY_ID"));
0538: } else {
0539: if (!templateUserName
0540: .equals(defaultTemplateUserName)) {
0541: templateUser = getTemplateUser(defaultTemplateUserName);
0542: }
0543: }
0544: } finally {
0545: try {
0546: rs.close();
0547: } catch (Exception e) {
0548: }
0549: }
0550: } finally {
0551: try {
0552: pstmt.close();
0553: } catch (Exception e) {
0554: }
0555: }
0556: } finally {
0557: try {
0558: RDBMServices.releaseConnection(con);
0559: } catch (Exception e) {
0560: }
0561: }
0562:
0563: return templateUser;
0564: }
0565:
0566: protected boolean userHasSavedLayout(int userId) throws Exception {
0567: boolean userHasSavedLayout = false;
0568: Connection con = null;
0569: try {
0570: con = RDBMServices.getConnection();
0571: PreparedStatement pstmt = null;
0572: try {
0573: String query = "SELECT * FROM UP_USER_PROFILE WHERE USER_ID=? AND LAYOUT_ID IS NOT NULL AND LAYOUT_ID!=0";
0574:
0575: pstmt = con.prepareStatement(query);
0576: pstmt.setInt(1, userId);
0577:
0578: ResultSet rs = null;
0579: try {
0580: if (log.isDebugEnabled())
0581: log
0582: .debug("RDBMUserIdentityStore::getTemplateUser(userId="
0583: + userId + "): " + query);
0584: rs = pstmt.executeQuery();
0585: if (rs.next()) {
0586: userHasSavedLayout = true;
0587: }
0588: } finally {
0589: try {
0590: rs.close();
0591: } catch (Exception e) {
0592: }
0593: }
0594: } finally {
0595: try {
0596: pstmt.close();
0597: } catch (Exception e) {
0598: }
0599: }
0600: } finally {
0601: try {
0602: RDBMServices.releaseConnection(con);
0603: } catch (Exception e) {
0604: }
0605: }
0606:
0607: return userHasSavedLayout;
0608: }
0609:
0610: private ILockableEntityGroup getSafeLockableGroup(IEntityGroup eg,
0611: IGroupMember gm) {
0612: if (log.isTraceEnabled()) {
0613: log.trace("Creating lockable group for group/member: " + eg
0614: + "/" + gm);
0615: }
0616:
0617: ILockableEntityGroup leg = null;
0618:
0619: try {
0620: if (eg.isEditable()) {
0621: leg = GroupService.findLockableGroup(eg.getKey(), gm
0622: .getKey());
0623: }
0624: } catch (Exception e) {
0625: // Bummer. but the only thing to do is to press on
0626: log.error(
0627: "Unable to create lockable group for group/member: "
0628: + eg + "/" + gm, e);
0629: }
0630:
0631: return leg;
0632: }
0633:
0634: /**
0635: * Remove a person from a group. This method catches and logs exceptions
0636: * exceptions encountered performing the removal.
0637: * @param person person to be removed (used for logging)
0638: * @param me member representing the person
0639: * @param eg group from which the user should be removed
0640: */
0641: private void removePersonFromGroup(IPerson person, IGroupMember me,
0642: IEntityGroup eg) {
0643: if (log.isTraceEnabled()) {
0644: log.trace("Removing " + person + " from group " + eg);
0645: }
0646: try {
0647: if (eg.isEditable()) {
0648: eg.removeMember(me);
0649: eg.updateMembers();
0650: }
0651: } catch (Exception e) {
0652: // Bummer. but the only thing to do is to press on
0653: log.error("Unable to remove " + person + " from group "
0654: + eg, e);
0655: }
0656: }
0657:
0658: /**
0659: * Add a person to a group. This method catches and logs exceptions encountered
0660: * performing the removal.
0661: * @param person person to be added (used for logging)
0662: * @param me member representing the person
0663: * @param eg group to which the user should be added
0664: */
0665: private void addPersonToGroup(IPerson person, IGroupMember me,
0666: IEntityGroup eg) {
0667: if (log.isTraceEnabled()) {
0668: log.trace("Adding " + person + " to group " + eg);
0669: }
0670: try {
0671: if (eg.isEditable()) {
0672: eg.addMember(me);
0673: eg.updateMembers();
0674: }
0675: } catch (Exception e) {
0676: log.error("Unable to add " + person + " to group " + eg, e);
0677: }
0678: }
0679:
0680: protected void updateUser(int userId, IPerson person,
0681: TemplateUser templateUser) throws Exception {
0682: // Remove my existing group memberships
0683: IGroupMember me = GroupService.getGroupMember(person
0684: .getEntityIdentifier());
0685: Iterator myExistingGroups = me.getContainingGroups();
0686: while (myExistingGroups.hasNext()) {
0687: IEntityGroup eg = (IEntityGroup) myExistingGroups.next();
0688: ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
0689: if (leg != null) {
0690: removePersonFromGroup(person, me, leg);
0691: }
0692: }
0693:
0694: // Copy template user's groups memberships
0695: IGroupMember template = GroupService.getEntity(templateUser
0696: .getUserName(), Class
0697: .forName("org.jasig.portal.security.IPerson"));
0698: Iterator templateGroups = template.getContainingGroups();
0699: while (templateGroups.hasNext()) {
0700: IEntityGroup eg = (IEntityGroup) templateGroups.next();
0701: ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
0702: if (leg != null) {
0703: addPersonToGroup(person, me, leg);
0704: }
0705: }
0706:
0707: Connection con = null;
0708: try {
0709: con = RDBMServices.getConnection();
0710: // Turn off autocommit if the database supports it
0711: if (RDBMServices.getDbMetaData().supportsTransactions())
0712: con.setAutoCommit(false);
0713:
0714: PreparedStatement deleteStmt = null;
0715: PreparedStatement queryStmt = null;
0716: PreparedStatement insertStmt = null;
0717: try {
0718: // Update UP_USER
0719: String update = "UPDATE UP_USER "
0720: + "SET USER_DFLT_USR_ID=?, "
0721: + "USER_DFLT_LAY_ID=?, "
0722: + "NEXT_STRUCT_ID=null " + "WHERE USER_ID=?";
0723:
0724: insertStmt = con.prepareStatement(update);
0725: insertStmt.setInt(1, templateUser.getUserId());
0726: insertStmt.setInt(2, templateUser.getDefaultLayoutId());
0727: insertStmt.setInt(3, userId);
0728:
0729: if (log.isDebugEnabled())
0730: log.debug("RDBMUserIdentityStore::addNewUser(): "
0731: + update);
0732: insertStmt.executeUpdate();
0733: insertStmt.close();
0734:
0735: // Start copying...
0736: ResultSet rs = null;
0737: String delete = null;
0738: String query = null;
0739: String insert = null;
0740: try {
0741: // Update UP_USER_PARAM
0742: delete = "DELETE FROM UP_USER_PARAM "
0743: + "WHERE USER_ID=?";
0744: deleteStmt = con.prepareStatement(delete);
0745: deleteStmt.setInt(1, userId);
0746: if (log.isDebugEnabled())
0747: log
0748: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0749: + userId + "): " + delete);
0750: deleteStmt.executeUpdate();
0751: deleteStmt.close();
0752:
0753: query = "SELECT USER_ID, USER_PARAM_NAME, USER_PARAM_VALUE "
0754: + "FROM UP_USER_PARAM " + "WHERE USER_ID=?";
0755: queryStmt = con.prepareStatement(query);
0756: queryStmt.setInt(1, templateUser.getUserId());
0757: if (log.isDebugEnabled())
0758: log
0759: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0760: + templateUser.getUserId()
0761: + "): " + query);
0762: rs = queryStmt.executeQuery();
0763:
0764: insertStmt = con.prepareStatement(insert);
0765: while (rs.next()) {
0766: insert = "INSERT INTO UP_USER_PARAM (USER_ID, USER_PARAM_NAME, USER_PARAM_VALUE) "
0767: + "VALUES(?, ?, ?)";
0768:
0769: String userParamName = rs
0770: .getString("USER_PARAM_NAME");
0771: String userParamValue = rs
0772: .getString("USER_PARAM_VALUE");
0773:
0774: insertStmt.setInt(1, userId);
0775: insertStmt.setString(2, userParamName);
0776: insertStmt.setString(3, userParamValue);
0777:
0778: if (log.isDebugEnabled())
0779: log
0780: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0781: + userId
0782: + ", USER_PARAM_NAME="
0783: + userParamName
0784: + ", USER_PARAM_VALUE="
0785: + userParamValue
0786: + "): "
0787: + insert);
0788: insertStmt.executeUpdate();
0789: }
0790: rs.close();
0791: queryStmt.close();
0792: insertStmt.close();
0793:
0794: // Update UP_USER_PROFILE
0795: delete = "DELETE FROM UP_USER_PROFILE "
0796: + "WHERE USER_ID=?";
0797: deleteStmt = con.prepareStatement(delete);
0798: deleteStmt.setInt(1, userId);
0799: if (log.isDebugEnabled())
0800: log
0801: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0802: + userId + "): " + delete);
0803: deleteStmt.executeUpdate();
0804: deleteStmt.close();
0805:
0806: query = "SELECT USER_ID, PROFILE_ID, PROFILE_NAME, DESCRIPTION "
0807: + "FROM UP_USER_PROFILE "
0808: + "WHERE USER_ID=?";
0809: queryStmt = con.prepareStatement(query);
0810: queryStmt.setInt(1, templateUser.getUserId());
0811: if (log.isDebugEnabled())
0812: log
0813: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0814: + templateUser.getUserId()
0815: + "): " + query);
0816: rs = queryStmt.executeQuery();
0817:
0818: insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) "
0819: + "VALUES(?, ?, ?, ?, NULL, NULL, NULL)";
0820: insertStmt = con.prepareStatement(insert);
0821: while (rs.next()) {
0822:
0823: int profileId = rs.getInt("PROFILE_ID");
0824: String profileName = rs
0825: .getString("PROFILE_NAME");
0826: String description = rs
0827: .getString("DESCRIPTION");
0828:
0829: insertStmt.setInt(1, userId);
0830: insertStmt.setInt(2, profileId);
0831: insertStmt.setString(3, profileName);
0832: insertStmt.setString(4, description);
0833:
0834: if (log.isDebugEnabled())
0835: log
0836: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0837: + userId
0838: + ", PROFILE_ID="
0839: + profileId
0840: + ", PROFILE_NAME="
0841: + profileName
0842: + ", DESCRIPTION="
0843: + description
0844: + "): "
0845: + insert);
0846: insertStmt.executeUpdate();
0847: }
0848: rs.close();
0849: queryStmt.close();
0850: insertStmt.close();
0851:
0852: // Update UP_USER_UA_MAP
0853: delete = "DELETE FROM UP_USER_UA_MAP "
0854: + "WHERE USER_ID=?";
0855: deleteStmt = con.prepareStatement(delete);
0856: deleteStmt.setInt(1, userId);
0857: if (log.isDebugEnabled())
0858: log
0859: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0860: + userId + "): " + delete);
0861: deleteStmt.executeUpdate();
0862: deleteStmt.close();
0863:
0864: query = "SELECT USER_ID, USER_AGENT, PROFILE_ID "
0865: + "FROM UP_USER_UA_MAP WHERE USER_ID=?";
0866: queryStmt = con.prepareStatement(query);
0867: queryStmt.setInt(1, templateUser.getUserId());
0868: if (log.isDebugEnabled())
0869: log
0870: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0871: + templateUser.getUserId()
0872: + "): " + query);
0873: rs = queryStmt.executeQuery();
0874:
0875: insert = "INSERT INTO UP_USER_UA_MAP (USER_ID, USER_AGENT, PROFILE_ID) "
0876: + "VALUES(?, ?, ?)";
0877: insertStmt = con.prepareStatement(insert);
0878: while (rs.next()) {
0879: String userAgent = rs.getString("USER_AGENT");
0880: String profileId = rs.getString("PROFILE_ID");
0881:
0882: insertStmt.setInt(1, userId);
0883: insertStmt.setString(2, userAgent);
0884: insertStmt.setString(3, profileId);
0885:
0886: if (log.isDebugEnabled())
0887: log
0888: .debug("RDBMUserIdentityStore::updateUser(USER_ID="
0889: + userId
0890: + ", USER_AGENT="
0891: + userAgent
0892: + ", PROFILE_ID="
0893: + profileId
0894: + "): "
0895: + insert);
0896: insertStmt.executeUpdate();
0897: }
0898: rs.close();
0899: queryStmt.close();
0900: insertStmt.close();
0901:
0902: // If we made it all the way though, commit the transaction
0903: if (RDBMServices.getDbMetaData()
0904: .supportsTransactions())
0905: con.commit();
0906:
0907: } finally {
0908: try {
0909: rs.close();
0910: } catch (Exception e) {
0911: }
0912: }
0913: } finally {
0914: try {
0915: deleteStmt.close();
0916: } catch (Exception e) {
0917: }
0918: try {
0919: queryStmt.close();
0920: } catch (Exception e) {
0921: }
0922: try {
0923: insertStmt.close();
0924: } catch (Exception e) {
0925: }
0926: }
0927: } catch (SQLException sqle) {
0928: if (RDBMServices.getDbMetaData().supportsTransactions())
0929: con.rollback();
0930: throw new AuthorizationException(
0931: "SQL database error while retrieving user's portal UID",
0932: sqle);
0933: } finally {
0934: try {
0935: RDBMServices.releaseConnection(con);
0936: } catch (Exception e) {
0937: }
0938: }
0939:
0940: return;
0941: }
0942:
0943: protected int addNewUser(int newUID, IPerson person,
0944: TemplateUser templateUser) throws Exception {
0945: // Copy template user's groups memberships
0946: IGroupMember me = GroupService.getGroupMember(person
0947: .getEntityIdentifier());
0948: IGroupMember template = GroupService.getEntity(templateUser
0949: .getUserName(), Class
0950: .forName("org.jasig.portal.security.IPerson"));
0951: Iterator templateGroups = template.getContainingGroups();
0952: while (templateGroups.hasNext()) {
0953: IEntityGroup eg = (IEntityGroup) templateGroups.next();
0954: ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
0955: if (leg != null) {
0956: addPersonToGroup(person, me, leg);
0957: }
0958: }
0959:
0960: int uPortalUID = -1;
0961: Connection con = null;
0962: try {
0963: con = RDBMServices.getConnection();
0964: // Turn off autocommit if the database supports it
0965: if (RDBMServices.getDbMetaData().supportsTransactions())
0966: con.setAutoCommit(false);
0967:
0968: PreparedStatement queryStmt = null;
0969: PreparedStatement insertStmt = null;
0970: try {
0971: // Add to UP_USER
0972: String insert = "INSERT INTO UP_USER (USER_ID, USER_NAME, USER_DFLT_USR_ID, USER_DFLT_LAY_ID, NEXT_STRUCT_ID, LST_CHAN_UPDT_DT)"
0973: + "VALUES (?, ?, ?, ?, null, null)";
0974:
0975: String userName = getUsername(person);
0976:
0977: insertStmt = con.prepareStatement(insert);
0978: insertStmt.setInt(1, newUID);
0979: insertStmt.setString(2, userName);
0980: insertStmt.setInt(3, templateUser.getUserId());
0981: insertStmt.setInt(4, templateUser.getDefaultLayoutId());
0982:
0983: if (log.isDebugEnabled())
0984: log
0985: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
0986: + newUID
0987: + ", USER_NAME="
0988: + userName
0989: + ", USER_DFLT_USR_ID="
0990: + templateUser.getUserId()
0991: + ", USER_DFLT_LAY_ID="
0992: + templateUser.getDefaultLayoutId()
0993: + "): " + insert);
0994: insertStmt.executeUpdate();
0995: insertStmt.close();
0996: insertStmt = null;
0997:
0998: // Start copying...
0999: ResultSet rs = null;
1000: String query = null;
1001: try {
1002: // Add to UP_USER_PARAM
1003: query = "SELECT USER_ID, USER_PARAM_NAME, USER_PARAM_VALUE "
1004: + "FROM UP_USER_PARAM " + "WHERE USER_ID=?";
1005: queryStmt = con.prepareStatement(query);
1006: queryStmt.setInt(1, templateUser.getUserId());
1007: if (log.isDebugEnabled())
1008: log
1009: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1010: + templateUser.getUserId()
1011: + "): " + query);
1012: rs = queryStmt.executeQuery();
1013:
1014: insert = "INSERT INTO UP_USER_PARAM (USER_ID, USER_PARAM_NAME, USER_PARAM_VALUE) "
1015: + "VALUES(?, ?, ?)";
1016: insertStmt = con.prepareStatement(insert);
1017: while (rs.next()) {
1018: String userParamName = rs
1019: .getString("USER_PARAM_NAME");
1020: String userParamValue = rs
1021: .getString("USER_PARAM_VALUE");
1022:
1023: insertStmt.setInt(1, newUID);
1024: insertStmt.setString(2, userParamName);
1025: insertStmt.setString(3, userParamValue);
1026:
1027: if (log.isDebugEnabled())
1028: log
1029: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1030: + newUID
1031: + ", USER_PARAM_NAME="
1032: + userParamName
1033: + ", USER_PARAM_VALUE="
1034: + userParamValue
1035: + "): "
1036: + insert);
1037: insertStmt.executeUpdate();
1038: }
1039: rs.close();
1040: queryStmt.close();
1041:
1042: if (insertStmt != null) {
1043: insertStmt.close();
1044: insertStmt = null;
1045: }
1046:
1047: // Add to UP_USER_PROFILE
1048: query = "SELECT USER_ID, PROFILE_ID, PROFILE_NAME, DESCRIPTION "
1049: + "FROM UP_USER_PROFILE "
1050: + "WHERE USER_ID=?";
1051: queryStmt = con.prepareStatement(query);
1052: queryStmt.setInt(1, templateUser.getUserId());
1053: if (log.isDebugEnabled())
1054: log
1055: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1056: + templateUser.getUserId()
1057: + "): " + query);
1058: rs = queryStmt.executeQuery();
1059:
1060: insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) "
1061: + "VALUES(?, ?, ?, ?, NULL, NULL, NULL)";
1062: insertStmt = con.prepareStatement(insert);
1063: while (rs.next()) {
1064:
1065: int profileId = rs.getInt("PROFILE_ID");
1066: String profileName = rs
1067: .getString("PROFILE_NAME");
1068: String description = rs
1069: .getString("DESCRIPTION");
1070:
1071: insertStmt.setInt(1, newUID);
1072: insertStmt.setInt(2, profileId);
1073: insertStmt.setString(3, profileName);
1074: insertStmt.setString(4, description);
1075:
1076: if (log.isDebugEnabled())
1077: log
1078: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1079: + newUID
1080: + ", PROFILE_ID="
1081: + profileId
1082: + ", PROFILE_NAME="
1083: + profileName
1084: + ", DESCRIPTION="
1085: + description
1086: + "): "
1087: + insert);
1088: insertStmt.executeUpdate();
1089: }
1090: rs.close();
1091: queryStmt.close();
1092:
1093: if (insertStmt != null) {
1094: insertStmt.close();
1095: insertStmt = null;
1096: }
1097:
1098: query = "SELECT USER_ID, USER_AGENT, PROFILE_ID "
1099: + "FROM UP_USER_UA_MAP WHERE USER_ID=?";
1100: queryStmt = con.prepareStatement(query);
1101: queryStmt.setInt(1, templateUser.getUserId());
1102: if (log.isDebugEnabled())
1103: log
1104: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1105: + templateUser.getUserId()
1106: + "): " + query);
1107: rs = queryStmt.executeQuery();
1108:
1109: insert = "INSERT INTO UP_USER_UA_MAP (USER_ID, USER_AGENT, PROFILE_ID) "
1110: + "VALUES(?, ?, ?)";
1111: insertStmt = con.prepareStatement(insert);
1112: while (rs.next()) {
1113:
1114: String userAgent = rs.getString("USER_AGENT");
1115: String profileId = rs.getString("PROFILE_ID");
1116:
1117: insertStmt.setInt(1, newUID);
1118: insertStmt.setString(2, userAgent);
1119: insertStmt.setString(3, profileId);
1120:
1121: if (log.isDebugEnabled())
1122: log
1123: .debug("RDBMUserIdentityStore::addNewUser(USER_ID="
1124: + newUID
1125: + ", USER_AGENT="
1126: + userAgent
1127: + ", PROFILE_ID="
1128: + profileId
1129: + "): "
1130: + insert);
1131: insertStmt.executeUpdate();
1132: }
1133: rs.close();
1134: rs = null;
1135: queryStmt.close();
1136: queryStmt = null;
1137:
1138: if (insertStmt != null) {
1139: insertStmt.close();
1140: insertStmt = null;
1141: }
1142:
1143: // If we made it all the way though, commit the transaction
1144: if (RDBMServices.getDbMetaData()
1145: .supportsTransactions())
1146: con.commit();
1147:
1148: uPortalUID = newUID;
1149:
1150: } finally {
1151: try {
1152: if (rs != null)
1153: rs.close();
1154: } catch (Exception e) {
1155: }
1156: }
1157: } finally {
1158: try {
1159: if (queryStmt != null)
1160: queryStmt.close();
1161: } catch (Exception e) {
1162: }
1163: try {
1164: if (insertStmt != null)
1165: insertStmt.close();
1166: } catch (Exception e) {
1167: }
1168: }
1169: } catch (SQLException sqle) {
1170: if (RDBMServices.getDbMetaData().supportsTransactions())
1171: con.rollback();
1172: throw new AuthorizationException(
1173: "SQL database error while retrieving user's portal UID",
1174: sqle);
1175: } finally {
1176: try {
1177: RDBMServices.releaseConnection(con);
1178: } catch (Exception e) {
1179: }
1180: }
1181:
1182: return uPortalUID;
1183: }
1184:
1185: protected class PortalUser {
1186: String userName;
1187: int userId;
1188: int defaultUserId;
1189:
1190: public String getUserName() {
1191: return userName;
1192: }
1193:
1194: public int getUserId() {
1195: return userId;
1196: }
1197:
1198: public int getDefaultUserId() {
1199: return defaultUserId;
1200: }
1201:
1202: public void setUserName(String userName) {
1203: this .userName = userName;
1204: }
1205:
1206: public void setUserId(int userId) {
1207: this .userId = userId;
1208: }
1209:
1210: public void setDefaultUserId(int defaultUserId) {
1211: this .defaultUserId = defaultUserId;
1212: }
1213: }
1214:
1215: protected class TemplateUser {
1216: String userName;
1217: int userId;
1218: int defaultLayoutId;
1219:
1220: public String getUserName() {
1221: return userName;
1222: }
1223:
1224: public int getUserId() {
1225: return userId;
1226: }
1227:
1228: public int getDefaultLayoutId() {
1229: return defaultLayoutId;
1230: }
1231:
1232: public void setUserName(String userName) {
1233: this .userName = userName;
1234: }
1235:
1236: public void setUserId(int userId) {
1237: this .userId = userId;
1238: }
1239:
1240: public void setDefaultLayoutId(int defaultLayoutId) {
1241: this.defaultLayoutId = defaultLayoutId;
1242: }
1243: }
1244:
1245: }
|