001: package org.apache.turbine.om.security.peer;
002:
003: /*
004: * Licensed to the Apache Software Foundation (ASF) under one
005: * or more contributor license agreements. See the NOTICE file
006: * distributed with this work for additional information
007: * regarding copyright ownership. The ASF licenses this file
008: * to you under the Apache License, Version 2.0 (the
009: * "License"); you may not use this file except in compliance
010: * with the License. You may obtain a copy of the License at
011: *
012: * http://www.apache.org/licenses/LICENSE-2.0
013: *
014: * Unless required by applicable law or agreed to in writing,
015: * software distributed under the License is distributed on an
016: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017: * KIND, either express or implied. See the License for the
018: * specific language governing permissions and limitations
019: * under the License.
020: */
021:
022: import java.util.ArrayList;
023: import java.util.Enumeration;
024: import java.util.List;
025: import java.util.Vector;
026:
027: import org.apache.torque.Torque;
028: import org.apache.torque.TorqueException;
029: import org.apache.torque.om.BaseObject;
030: import org.apache.torque.om.NumberKey;
031: import org.apache.torque.util.BasePeer;
032: import org.apache.torque.util.Criteria;
033: import org.apache.turbine.om.security.Permission;
034: import org.apache.turbine.om.security.Role;
035: import org.apache.turbine.om.security.TurbinePermission;
036: import org.apache.turbine.om.security.TurbineRole;
037: import org.apache.turbine.services.security.TurbineSecurity;
038: import org.apache.turbine.util.db.map.TurbineMapBuilder;
039: import org.apache.turbine.util.security.DataBackendException;
040: import org.apache.turbine.util.security.PermissionSet;
041:
042: import com.workingdogs.village.Record;
043:
044: /**
045: * This class handles all the database access for the PERMISSION
046: * table. This table contains all the permissions that are used in
047: * the system.
048: *
049: * @author <a href="mailto:frank.kim@clearink.com">Frank Y. Kim</a>
050: * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
051: * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
052: *
053: * @deprecated Use {@link org.apache.turbine.services.security.torque.TorqueSecurityService}
054: * instead.
055: *
056: * @version $Id: PermissionPeer.java 571795 2007-09-01 13:09:35Z tv $
057: */
058: public class PermissionPeer extends BasePeer {
059: /** Serial Version UID */
060: private static final long serialVersionUID = 2762005892291909743L;
061:
062: /** The map builder for this Peer. */
063: private static final TurbineMapBuilder MAP_BUILDER;
064:
065: /** The table name for this peer. */
066: private static final String TABLE_NAME;
067:
068: /** The column name for the permission id field. */
069: public static final String PERMISSION_ID;
070:
071: /** The column name for the ObjectData field */
072: public static final String OBJECTDATA;
073:
074: /** The column name for the name field. */
075: public static final String NAME;
076:
077: static {
078: try {
079: MAP_BUILDER = (TurbineMapBuilder) Torque
080: .getMapBuilder(TurbineMapBuilder.class.getName());
081: } catch (TorqueException e) {
082: log.error("Could not initialize Peer", e);
083: throw new RuntimeException(e);
084: }
085:
086: TABLE_NAME = MAP_BUILDER.getTablePermission();
087: PERMISSION_ID = MAP_BUILDER.getPermission_PermissionId();
088: NAME = MAP_BUILDER.getPermission_Name();
089: OBJECTDATA = MAP_BUILDER.getPermission_ObjectData();
090: }
091:
092: /**
093: * Retrieves/assembles a PermissionSet
094: *
095: * @param criteria The criteria to use.
096: * @return A PermissionSet.
097: * @exception Exception a generic exception.
098: */
099: public static PermissionSet retrieveSet(Criteria criteria)
100: throws Exception {
101: List results = PermissionPeer.doSelect(criteria);
102: PermissionSet ps = new PermissionSet();
103: for (int i = 0; i < results.size(); i++) {
104: ps.add((Permission) results.get(i));
105: }
106: return ps;
107: }
108:
109: /**
110: * Retrieves a set of Permissions associated with a particular Role.
111: *
112: * @param role The role to query permissions of.
113: * @return A set of permissions associated with the Role.
114: * @exception Exception a generic exception.
115: */
116: public static PermissionSet retrieveSet(Role role) throws Exception {
117: Criteria criteria = new Criteria();
118: criteria.add(RolePermissionPeer.ROLE_ID, ((TurbineRole) role)
119: .getPrimaryKey());
120: criteria.addJoin(RolePermissionPeer.PERMISSION_ID,
121: PermissionPeer.PERMISSION_ID);
122: return retrieveSet(criteria);
123: }
124:
125: /**
126: * Issues a select based on a criteria.
127: *
128: * @param criteria Object containing data that is used to create
129: * the SELECT statement.
130: * @return Vector containing Permission objects.
131: * @exception TorqueException a generic exception.
132: */
133: public static List doSelect(Criteria criteria)
134: throws TorqueException {
135: try {
136: criteria.addSelectColumn(PERMISSION_ID).addSelectColumn(
137: NAME).addSelectColumn(OBJECTDATA);
138:
139: if (criteria.getOrderByColumns() == null
140: || criteria.getOrderByColumns().size() == 0) {
141: criteria.addAscendingOrderByColumn(NAME);
142: }
143:
144: // Place any checks here to intercept criteria which require
145: // custom SQL. For example:
146: // if ( criteria.containsKey("SomeTable.SomeColumn") )
147: // {
148: // String whereSql = "SomeTable.SomeColumn IN (Select ...";
149: // criteria.add("SomeTable.SomeColumn",
150: // whereSQL, criteria.CUSTOM);
151: // }
152:
153: // BasePeer returns a Vector of Value (Village) arrays. The
154: // array order follows the order columns were placed in the
155: // Select clause.
156: List rows = BasePeer.doSelect(criteria);
157: List results = new ArrayList();
158:
159: // Populate the object(s).
160: for (int i = 0; i < rows.size(); i++) {
161: Permission obj = TurbineSecurity
162: .getPermissionInstance(null);
163: Record row = (Record) rows.get(i);
164: ((TurbinePermission) obj).setPrimaryKey(new NumberKey(
165: row.getValue(1).asInt()));
166: ((TurbinePermission) obj).setName(row.getValue(2)
167: .asString());
168:
169: // TODO: Clean up OBJECTDATA columns. They are no longer supported
170: /*
171: byte[] objectData = row.getValue(3).asBytes();
172: Map temp = (Map) ObjectUtils.deserialize(objectData);
173: if (temp != null)
174: {
175: ((TurbinePermission) obj).setAttributes(temp);
176: }
177: */
178:
179: results.add(obj);
180: }
181:
182: return results;
183: } catch (Exception ex) {
184: throw new TorqueException(ex);
185: }
186: }
187:
188: /**
189: * Builds a criteria object based upon an Permission object
190: *
191: * @param permission object to build the criteria
192: * @return the Criteria
193: */
194: public static Criteria buildCriteria(Permission permission) {
195: Criteria criteria = new Criteria();
196: if (!((BaseObject) permission).isNew()) {
197: criteria.add(PERMISSION_ID, ((BaseObject) permission)
198: .getPrimaryKey());
199: }
200: criteria.add(NAME, ((TurbinePermission) permission).getName());
201:
202: /*
203: * This is causing the the removal and updating of
204: * a permission to crap out. This addition to the
205: * criteria produces something like:
206: *
207: * where OBJECTDATA = {}
208: *
209: * Is the NAME even necessary. Wouldn't
210: * criteria.add(PERMISSION_ID, N) be enough to
211: * generate a where clause that would remove the
212: * permission?
213: *
214: * criteria.add(OBJECTDATA, permission.getAttributes());
215: */
216: return criteria;
217: }
218:
219: /**
220: * Issues an update based on a criteria.
221: *
222: * @param criteria Object containing data that is used to create
223: * the UPDATE statement.
224: * @exception TorqueException a generic exception.
225: */
226: public static void doUpdate(Criteria criteria)
227: throws TorqueException {
228: Criteria selectCriteria = new Criteria(2);
229: selectCriteria.put(PERMISSION_ID, criteria
230: .remove(PERMISSION_ID));
231: BasePeer.doUpdate(selectCriteria, criteria);
232: }
233:
234: /**
235: * Checks if a Permission is defined in the system. The name
236: * is used as query criteria.
237: *
238: * @param permission The Permission to be checked.
239: * @return <code>true</code> if given Permission exists in the system.
240: * @throws DataBackendException when more than one Permission with
241: * the same name exists.
242: * @throws Exception a generic exception.
243: */
244: public static boolean checkExists(Permission permission)
245: throws DataBackendException, Exception {
246: Criteria criteria = new Criteria();
247: criteria.addSelectColumn(PERMISSION_ID);
248: criteria.add(NAME, ((TurbinePermission) permission).getName());
249: List results = BasePeer.doSelect(criteria);
250: if (results.size() > 1) {
251: throw new DataBackendException(
252: "Multiple permissions named '"
253: + ((TurbinePermission) permission)
254: .getName() + "' exist!");
255: }
256: return (results.size() == 1);
257: }
258:
259: /**
260: * Get the name of this table.
261: *
262: * @return A String with the name of the table.
263: */
264: public static String getTableName() {
265: return TABLE_NAME;
266: }
267:
268: /**
269: * Returns the full name of a column.
270: *
271: * @param name name of a column
272: * @return A String with the full name of the column.
273: */
274: public static String getColumnName(String name) {
275: StringBuffer sb = new StringBuffer();
276: sb.append(TABLE_NAME);
277: sb.append(".");
278: sb.append(name);
279: return sb.toString();
280: }
281:
282: /**
283: * Pass in two Vector's of Permission Objects. It will return a
284: * new Vector with the difference of the two Vectors: C = (A - B).
285: *
286: * @param some Vector B in C = (A - B).
287: * @param all Vector A in C = (A - B).
288: * @return Vector C in C = (A - B).
289: */
290: public static final Vector getDifference(Vector some, Vector all) {
291: Vector clone = (Vector) all.clone();
292: for (Enumeration e = some.elements(); e.hasMoreElements();) {
293: Permission tmp = (Permission) e.nextElement();
294: for (Enumeration f = clone.elements(); f.hasMoreElements();) {
295: Permission tmp2 = (Permission) f.nextElement();
296: if (((BaseObject) tmp).getPrimaryKey() == ((BaseObject) tmp2)
297: .getPrimaryKey()) {
298: clone.removeElement(tmp2);
299: break;
300: }
301: }
302: }
303: return clone;
304: }
305: }
|