Coverage Summary for Class: SQLAccessControlContextFactory (com.acciente.oacc.sql)

1 /* 2  * Copyright 2009-2017, Acciente LLC 3  * 4  * Acciente LLC licenses this file to you under the 5  * Apache License, Version 2.0 (the "License"); you 6  * may not use this file except in compliance with the 7  * License. You may obtain a copy of the License at 8  * 9  * http://www.apache.org/licenses/LICENSE-2.0 10  * 11  * Unless required by applicable law or agreed to in 12  * writing, software distributed under the License is 13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES 14  * OR CONDITIONS OF ANY KIND, either express or implied. 15  * See the License for the specific language governing 16  * permissions and limitations under the License. 17  */ 18 package com.acciente.oacc.sql; 19  20 import com.acciente.oacc.AccessControlContext; 21 import com.acciente.oacc.AuthenticationProvider; 22 import com.acciente.oacc.encryptor.PasswordEncryptor; 23 import com.acciente.oacc.encryptor.jasypt.JasyptPasswordEncryptor; 24 import com.acciente.oacc.encryptor.jasypt.LegacyJasyptPasswordEncryptor; 25 import com.acciente.oacc.sql.internal.SQLAccessControlContext; 26  27 import javax.sql.DataSource; 28 import java.sql.Connection; 29  30 /** 31  * The factory that provides OACC's AccessControlContext implementation, which is backed by a database. 32  */ 33 public class SQLAccessControlContextFactory { 34  /** 35  * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid 36  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 37  * server for which the connection is provided is specified using the SQLProfile parameter. The access control 38  * context returned by this method uses the built-in authentication provider that delegates all password encryption 39  * and decryption to a {@link PasswordEncryptor} instance provided by 40  * {@link LegacyJasyptPasswordEncryptor#newInstance()} -- therefore the instance returned by this method may 41  * only be used when all existing resource passwords were encrypted using Jasypt. This method is deprecated, please 42  * see the deprecation note below. 43  * 44  * @param connection a database connection with access to the required OACC tables 45  * @param schemaName the name of the schema in the database containing the OACC tables 46  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 47  * with the connection provided 48  * @return an {@link AccessControlContext} instance ready to receive API calls 49  * @deprecated as of OACC v2.0.0-rc8, replaced by 50  * {@link #getAccessControlContext(Connection, String, SQLProfile, PasswordEncryptor)} where the password encryptor 51  * parameter is an instance of the new Jasypt password encryptor implementation 52  * {@link JasyptPasswordEncryptor}. 53  */ 54  @Deprecated 55  public static AccessControlContext getAccessControlContext(Connection connection, 56  String schemaName, 57  SQLProfile sqlProfile) { 58  return SQLAccessControlContext.getAccessControlContext(connection, 59  schemaName, 60  sqlProfile, 61  LegacyJasyptPasswordEncryptor.newInstance()); 62  } 63  64  /** 65  * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid 66  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 67  * server for which the data source is provided is specified using the SQLProfile parameter. The access control 68  * context returned by this method uses the built-in authentication provider that delegates all password encryption 69  * and decryption to a {@link PasswordEncryptor} instance provided by 70  * {@link LegacyJasyptPasswordEncryptor#newInstance()} -- therefore the instance returned by this method may 71  * only be used when all existing resource passwords were encrypted using Jasypt. This method is deprecated, please 72  * see the deprecation note below. 73  * 74  * @param dataSource a database data source with access to the required OACC tables 75  * @param schemaName the name of the schema in the database containing the OACC tables 76  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 77  * with the connection provided 78  * @return an {@link AccessControlContext} instance ready to receive API calls 79  * @deprecated as of OACC v2.0.0-rc8, replaced by 80  * {@link #getAccessControlContext(DataSource, String, SQLProfile, PasswordEncryptor)} where the password encryptor 81  * parameter is an instance of the new Jasypt password encryptor implementation 82  * {@link JasyptPasswordEncryptor}. 83  */ 84  @Deprecated 85  public static AccessControlContext getAccessControlContext(DataSource dataSource, 86  String schemaName, 87  SQLProfile sqlProfile) { 88  return SQLAccessControlContext.getAccessControlContext(dataSource, 89  schemaName, 90  sqlProfile, 91  LegacyJasyptPasswordEncryptor.newInstance()); 92  } 93  94  /** 95  * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid 96  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 97  * server for which the connection is provided is specified using the SQLProfile parameter. The access control 98  * context returned by this method uses the built-in authentication provider for resource authentication. The 99  * built-in authentication provider delegates all password encryption and decryption to the {@link PasswordEncryptor} 100  * instance provided -- therefore it is imperative that the {@link PasswordEncryptor} instance is able to decrypt 101  * existing resource passwords. 102  * 103  * @param connection a database connection with access to the required OACC tables 104  * @param schemaName the name of the schema in the database containing the OACC tables 105  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 106  * with the connection provided 107  * @param passwordEncryptor a {@link PasswordEncryptor} instance to which the built-in authentication provider 108  * delegates all password encryption and decryption 109  * @return an {@link AccessControlContext} instance ready to receive API calls 110  */ 111  public static AccessControlContext getAccessControlContext(Connection connection, 112  String schemaName, 113  SQLProfile sqlProfile, 114  PasswordEncryptor passwordEncryptor) { 115  return SQLAccessControlContext.getAccessControlContext(connection, 116  schemaName, 117  sqlProfile, 118  passwordEncryptor); 119  } 120  121  /** 122  * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid 123  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 124  * server for which the data source is provided is specified using the SQLProfile parameter. The access control 125  * context returned by this method uses the built-in authentication provider for resource authentication. The 126  * built-in authentication provider delegates all password encryption and decryption to the {@link PasswordEncryptor} 127  * instance provided -- therefore it is important that the {@link PasswordEncryptor} instance is able to decrypt 128  * existing resource passwords. 129  * 130  * @param dataSource a database data source with access to the required OACC tables 131  * @param schemaName the name of the schema in the database containing the OACC tables 132  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 133  * with the data source provided 134  * @param passwordEncryptor a {@link PasswordEncryptor} instance to which the built-in authentication provider 135  * delegates all password encryption and decryption 136  * @return an {@link AccessControlContext} instance ready to receive API calls 137  */ 138  public static AccessControlContext getAccessControlContext(DataSource dataSource, 139  String schemaName, 140  SQLProfile sqlProfile, 141  PasswordEncryptor passwordEncryptor) { 142  return SQLAccessControlContext.getAccessControlContext(dataSource, 143  schemaName, 144  sqlProfile, 145  passwordEncryptor); 146  } 147  148  /** 149  * Creates an {@link AccessControlContext} instance backed by the specified database connection. A set of valid 150  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 151  * server for which the connection is provided is specified using the SQLProfile parameter. The access control 152  * context returned by this method delegates all resource authentication to the specified custom authentication 153  * provider. 154  * 155  * @param connection a database connection with access to the required OACC tables 156  * @param schemaName the name of the schema in the database containing the OACC tables 157  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 158  * with the connection provided 159  * @param authenticationProvider an {@link AuthenticationProvider} instance to which all resource authentication is 160  * delegated 161  * @return an {@link AccessControlContext} instance ready to receive API calls 162  */ 163  public static AccessControlContext getAccessControlContext(Connection connection, 164  String schemaName, 165  SQLProfile sqlProfile, 166  AuthenticationProvider authenticationProvider) { 167  return SQLAccessControlContext.getAccessControlContext(connection, 168  schemaName, 169  sqlProfile, 170  authenticationProvider); 171  } 172  173  /** 174  * Creates an {@link AccessControlContext} instance backed by the specified database data source. A set of valid 175  * OACC database tables are expected to reside in the specified schema. The dialect of SQL supported by the database 176  * server for which the data source is provided is specified using the SQLProfile parameter. The access control 177  * context returned by this method delegates all resource authentication to the specified custom authentication 178  * provider. 179  * 180  * @param dataSource a database data source with access to the required OACC tables 181  * @param schemaName the name of the schema in the database containing the OACC tables 182  * @param sqlProfile the database provider and dialect of SQL supported for the database server associated 183  * with the connection provided 184  * @param authenticationProvider an {@link AuthenticationProvider} instance to which all resource authentication is 185  * delegated 186  * @return an {@link AccessControlContext} instance ready to receive API calls 187  */ 188  public static AccessControlContext getAccessControlContext(DataSource dataSource, 189  String schemaName, 190  SQLProfile sqlProfile, 191  AuthenticationProvider authenticationProvider) { 192  return SQLAccessControlContext.getAccessControlContext(dataSource, 193  schemaName, 194  sqlProfile, 195  authenticationProvider); 196  } 197  198  /** 199  * @deprecated As of v2.0.0-rc.6; no replacement method necessary because unserializable fields are now marked as transient 200  */ 201  @Deprecated 202  public static void preSerialize(AccessControlContext accessControlContext) { 203  } 204  205  /** 206  * Re-initializes the specified deserialized accessControlContext with the specified connection. 207  * <p/> 208  * This method is only intended to be called after the specified accessControlContext was successfully 209  * deserialized, in order to reset a transient connection to a database that was not serialized. If the 210  * method is called when a data source or connection has already been initialized, the method may pass 211  * through an IllegalStateException from the accessControlContext. 212  * 213  * @param accessControlContext the accessControlContext on which to reset the database connection 214  * @param connection the database connection to be reset on the accessControlContext 215  */ 216  public static void postDeserialize(AccessControlContext accessControlContext, Connection connection) { 217  SQLAccessControlContext.postDeserialize(accessControlContext, connection); 218  } 219  220  /** 221  * Re-initializes the specified deserialized accessControlContext with the specified data source. 222  * <p/> 223  * This method is only intended to be called after the specified accessControlContext was successfully 224  * deserialized, in order to reset a transient dataSource to a database that was not serialized. If the 225  * method is called when a data source or connection has already been initialized, the method may pass 226  * through an IllegalStateException from the accessControlContext. 227  * 228  * @param accessControlContext the accessControlContext on which to reset the database connection 229  * @param dataSource the database dataSource to be reset on the accessControlContext 230  */ 231  public static void postDeserialize(AccessControlContext accessControlContext, DataSource dataSource) { 232  SQLAccessControlContext.postDeserialize(accessControlContext, dataSource); 233  } 234 }