Coverage Summary for Class: NonRecursiveGrantResourceCreatePermissionPostCreateSysPersister (com.acciente.oacc.sql.internal.persister)

1 /* 2  * Copyright 2009-2018, Acciente LLC 3  * 4  * Acciente LLC licenses this file to you under the 5  * Apache License, Version 2.0 (the "License"); you 6  * may not use this file except in compliance with the 7  * License. You may obtain a copy of the License at 8  * 9  * http://www.apache.org/licenses/LICENSE-2.0 10  * 11  * Unless required by applicable law or agreed to in 12  * writing, software distributed under the License is 13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES 14  * OR CONDITIONS OF ANY KIND, either express or implied. 15  * See the License for the specific language governing 16  * permissions and limitations under the License. 17  */ 18 package com.acciente.oacc.sql.internal.persister; 19  20 import com.acciente.oacc.Resource; 21 import com.acciente.oacc.ResourceCreatePermission; 22 import com.acciente.oacc.sql.SQLProfile; 23 import com.acciente.oacc.sql.internal.persister.id.DomainId; 24 import com.acciente.oacc.sql.internal.persister.id.Id; 25 import com.acciente.oacc.sql.internal.persister.id.ResourceClassId; 26 import com.acciente.oacc.sql.internal.persister.id.ResourceId; 27  28 import java.io.Serializable; 29 import java.sql.SQLException; 30 import java.util.ArrayList; 31 import java.util.HashMap; 32 import java.util.HashSet; 33 import java.util.List; 34 import java.util.Map; 35 import java.util.Set; 36  37 public class NonRecursiveGrantResourceCreatePermissionPostCreateSysPersister extends CommonGrantResourceCreatePermissionPostCreateSysPersister implements Serializable { 38  private static final long serialVersionUID = 1L; 39  40  public NonRecursiveGrantResourceCreatePermissionPostCreateSysPersister(SQLProfile sqlProfile, 41  SQLStrings sqlStrings) { 42  super(sqlProfile, sqlStrings); 43  } 44  45  @Override 46  public Set<ResourceCreatePermission> getResourceCreatePostCreateSysPermissionsIncludeInherited(SQLConnection connection, 47  Resource accessorResource, 48  Id<ResourceClassId> resourceClassId, 49  Id<DomainId> resourceDomainId) { 50  SQLStatement statement = null; 51  try { 52  // first get all the resources from which the accessor inherits any permissions 53  final Set<Id<ResourceId>> accessorResourceIds 54  = NonRecursivePersisterHelper.getInheritedAccessorResourceIds(sqlStrings, connection, accessorResource); 55  56  // get the ancestors of the specified domain, to which the accessors could also have permissions 57  final Set<Id<DomainId>> ancestorDomainIds 58  = NonRecursivePersisterHelper.getAncestorDomainIds(sqlStrings, connection, resourceDomainId); 59  60  // now collect the sys-permissions any accessor resource has to the specified domain or its ancestors 61  SQLResult resultSet; 62  Set<ResourceCreatePermission> resourceCreatePermissions = new HashSet<>(); 63  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionPostCreateSys_withoutInheritance_PostCreateSysPermissionID_PostCreateIsWithGrant_IsWithGrant_BY_AccessorID_AccessedDomainID_ResourceClassID); 64  65  for (Id<ResourceId> accessorResourceId : accessorResourceIds) { 66  for (Id<DomainId> domainId : ancestorDomainIds) { 67  statement.setResourceId(1, accessorResourceId); 68  statement.setResourceDomainId(2, domainId); 69  statement.setResourceClassId(3, resourceClassId); 70  resultSet = statement.executeQuery(); 71  72  while (resultSet.next()) { 73  resourceCreatePermissions.add(getResourceCreatePostCreateSysPermission(resultSet)); 74  } 75  resultSet.close(); 76  } 77  } 78  79  return resourceCreatePermissions; 80  } 81  catch (SQLException e) { 82  throw new RuntimeException(e); 83  } 84  finally { 85  closeStatement(statement); 86  } 87  } 88  89  @Override 90  public Map<String, Map<String, Set<ResourceCreatePermission>>> getResourceCreatePostCreateSysPermissionsIncludeInherited(SQLConnection connection, 91  Resource accessorResource) { 92  SQLStatement statement = null; 93  94  try { 95  // first get all the resources from which the accessor inherits any permissions 96  final Set<Id<ResourceId>> accessorResourceIds 97  = NonRecursivePersisterHelper.getInheritedAccessorResourceIds(sqlStrings, connection, accessorResource); 98  99  // second, get all the resource create permissions the accessors directly have access to 100  SQLResult resultSet; 101  Map<String, Map<String, Set<ResourceCreatePermission>>> createSysPermissionsMap = new HashMap<>(); 102  103  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionPostCreateSys_withoutInheritance_ResourceDomainName_ResourceClassName_PostCreateSysPermissionID_PostCreateIsWithGrant_IsWithGrant_BY_AccessorID); 104  105  for (Id<ResourceId> accessorResourceId : accessorResourceIds) { 106  statement.setResourceId(1, accessorResourceId); 107  resultSet = statement.executeQuery(); 108  109  while (resultSet.next()) { 110  final String resourceDomainName = resultSet.getString("DomainName"); 111  final String resourceClassName = resultSet.getString("ResourceClassName"); 112  113  Map<String, Set<ResourceCreatePermission>> permissionsForResourceDomain 114  = createSysPermissionsMap.get(resourceDomainName); 115  if (permissionsForResourceDomain == null) { 116  permissionsForResourceDomain = new HashMap<>(); 117  createSysPermissionsMap.put(resourceDomainName, permissionsForResourceDomain); 118  } 119  120  Set<ResourceCreatePermission> permissionsForResourceClass 121  = permissionsForResourceDomain.get(resourceClassName); 122  if (permissionsForResourceClass == null) { 123  permissionsForResourceClass = new HashSet<>(); 124  permissionsForResourceDomain.put(resourceClassName, permissionsForResourceClass); 125  } 126  127  permissionsForResourceClass.add(getResourceCreatePostCreateSysPermission(resultSet)); 128  } 129  resultSet.close(); 130  } 131  closeStatement(statement); 132  statement = null; 133  134  // then apply each domain's direct permissions to all its descendants 135  // !! DON'T UPDATE THE PERMISSION-MAP WHILE ITERATING OVER ITS KEY-SET !! (get a copy of the key-set instead) 136  Set<String> directDomainNames = new HashSet<>(createSysPermissionsMap.keySet()); 137  for (String directDomainName : directDomainNames) { 138  Set<String> descendentDomains = NonRecursivePersisterHelper.getDescendantDomainNames(sqlStrings, 139  connection, 140  directDomainName); 141  142  for (String descendentDomain : descendentDomains) { 143  Map<String, Set<ResourceCreatePermission>> permissionsForResourceDomain 144  = createSysPermissionsMap.get(descendentDomain); 145  if (permissionsForResourceDomain == null) { 146  permissionsForResourceDomain = new HashMap<>(); 147  createSysPermissionsMap.put(descendentDomain, permissionsForResourceDomain); 148  } 149  150  if (!descendentDomain.equals(directDomainName)) { 151  final Map<String, Set<ResourceCreatePermission>> sourceResourceClassPermissionsMap 152  = createSysPermissionsMap.get(directDomainName); 153  154  for (String resourceClassName : sourceResourceClassPermissionsMap.keySet()) { 155  Set<ResourceCreatePermission> permissionsForResourceClass 156  = permissionsForResourceDomain.get(resourceClassName); 157  if (permissionsForResourceClass == null) { 158  permissionsForResourceClass = new HashSet<>(); 159  permissionsForResourceDomain.put(resourceClassName, permissionsForResourceClass); 160  } 161  162  permissionsForResourceClass.addAll(sourceResourceClassPermissionsMap.get(resourceClassName)); 163  } 164  } 165  } 166  } 167  168  return createSysPermissionsMap; 169  } 170  catch (SQLException e) { 171  throw new RuntimeException(e); 172  } 173  finally { 174  closeStatement(statement); 175  } 176  } 177  178  @Override 179  public void removeAllResourceCreatePostCreateSysPermissions(SQLConnection connection, 180  Id<DomainId> accessedDomainId) { 181  SQLStatement statement = null; 182  try { 183  // get descendant domain Ids 184  List<Id<DomainId>> descendantDomainIds 185  = new ArrayList<>(NonRecursivePersisterHelper.getDescendantDomainIdsOrderedByAscendingLevel(sqlStrings, 186  connection, 187  accessedDomainId)); 188  189  // delete domains' accessors (in reverse order of domainLevel, to preserve FK constraints) 190  statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantResourceCreatePermissionPostCreateSys_BY_AccessedDomainID); 191  192  for (int i=descendantDomainIds.size()-1; i >= 0; i--) { 193  statement.setResourceDomainId(1, descendantDomainIds.get(i)); 194  statement.executeUpdate(); 195  } 196  } 197  catch (SQLException e) { 198  throw new RuntimeException(e); 199  } 200  finally { 201  closeStatement(statement); 202  } 203  } 204 }