Coverage Summary for Class: NonRecursiveGrantResourceCreatePermissionSysPersister (com.acciente.oacc.sql.internal.persister)

1 /* 2  * Copyright 2009-2018, Acciente LLC 3  * 4  * Acciente LLC licenses this file to you under the 5  * Apache License, Version 2.0 (the "License"); you 6  * may not use this file except in compliance with the 7  * License. You may obtain a copy of the License at 8  * 9  * http://www.apache.org/licenses/LICENSE-2.0 10  * 11  * Unless required by applicable law or agreed to in 12  * writing, software distributed under the License is 13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES 14  * OR CONDITIONS OF ANY KIND, either express or implied. 15  * See the License for the specific language governing 16  * permissions and limitations under the License. 17  */ 18 package com.acciente.oacc.sql.internal.persister; 19  20 import com.acciente.oacc.Resource; 21 import com.acciente.oacc.ResourceCreatePermission; 22 import com.acciente.oacc.sql.SQLProfile; 23 import com.acciente.oacc.sql.internal.persister.id.DomainId; 24 import com.acciente.oacc.sql.internal.persister.id.Id; 25 import com.acciente.oacc.sql.internal.persister.id.ResourceClassId; 26 import com.acciente.oacc.sql.internal.persister.id.ResourceId; 27  28 import java.io.Serializable; 29 import java.sql.SQLException; 30 import java.util.ArrayList; 31 import java.util.HashMap; 32 import java.util.HashSet; 33 import java.util.List; 34 import java.util.Map; 35 import java.util.Set; 36  37 public class NonRecursiveGrantResourceCreatePermissionSysPersister extends CommonGrantResourceCreatePermissionSysPersister implements Serializable { 38  private static final long serialVersionUID = 1L; 39  40  public NonRecursiveGrantResourceCreatePermissionSysPersister(SQLProfile sqlProfile, 41  SQLStrings sqlStrings) { 42  super(sqlProfile, sqlStrings); 43  } 44  45  @Override 46  public Set<ResourceCreatePermission> getResourceCreateSysPermissionsIncludeInherited(SQLConnection connection, 47  Resource accessorResource, 48  Id<ResourceClassId> resourceClassId, 49  Id<DomainId> resourceDomainId) { 50  SQLStatement statement = null; 51  52  try { 53  // first get all the resources from which the accessor inherits any permissions 54  final Set<Id<ResourceId>> accessorResourceIds 55  = NonRecursivePersisterHelper.getInheritedAccessorResourceIds(sqlStrings, connection, accessorResource); 56  57  // get the ancestors of the specified domain, to which the accessors could also have permissions 58  final Set<Id<DomainId>> ancestorDomainIds = NonRecursivePersisterHelper.getAncestorDomainIds(sqlStrings, 59  connection, 60  resourceDomainId); 61  62  // now accumulate the resource create permissions from each of the (inherited) accessors to each of the domains 63  Set<ResourceCreatePermission> resourceCreatePermissions = new HashSet<>(); 64  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionSys_withoutInheritance_SysPermissionId_IsWithGrant_BY_AccessorID_AccessedDomainID_ResourceClassID); 65  66  for (Id<ResourceId> accessorResourceId : accessorResourceIds) { 67  for (Id<DomainId> domainId : ancestorDomainIds) { 68  statement.setResourceId(1, accessorResourceId); 69  statement.setResourceDomainId(2, domainId); 70  statement.setResourceClassId(3, resourceClassId); 71  SQLResult resultSet = statement.executeQuery(); 72  73  while (resultSet.next()) { 74  resourceCreatePermissions.add(getResourceCreateSysPermission(resultSet)); 75  } 76  resultSet.close(); 77  } 78  } 79  80  return resourceCreatePermissions; 81  } 82  catch (SQLException e) { 83  throw new RuntimeException(e); 84  } 85  finally { 86  closeStatement(statement); 87  } 88  } 89  90  @Override 91  public Map<String, Map<String, Set<ResourceCreatePermission>>> getResourceCreateSysPermissionsIncludeInherited(SQLConnection connection, 92  Resource accessorResource) { 93  SQLStatement statement = null; 94  95  try { 96  // first get all the resources from which the accessor inherits any permissions 97  final Set<Id<ResourceId>> accessorResourceIds 98  = NonRecursivePersisterHelper.getInheritedAccessorResourceIds(sqlStrings, connection, accessorResource); 99  100  // second, get all the resource create permissions the accessors directly have access to 101  SQLResult resultSet; 102  Map<String, Map<String, Set<ResourceCreatePermission>>> createSysPermissionsMap = new HashMap<>(); 103  104  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionSys_withoutInheritance_ResourceDomainName_ResourceClassName_SysPermissionId_IsWithGrant_BY_AccessorID); 105  106  for (Id<ResourceId> accessorResourceId : accessorResourceIds) { 107  statement.setResourceId(1, accessorResourceId); 108  resultSet = statement.executeQuery(); 109  110  while (resultSet.next()) { 111  final String resourceDomainName = resultSet.getString("DomainName"); 112  final String resourceClassName = resultSet.getString("ResourceClassName"); 113  114  Map<String, Set<ResourceCreatePermission>> permissionsForResourceDomain 115  = createSysPermissionsMap.get(resourceDomainName); 116  if (permissionsForResourceDomain == null) { 117  permissionsForResourceDomain = new HashMap<>(); 118  createSysPermissionsMap.put(resourceDomainName, permissionsForResourceDomain); 119  } 120  121  Set<ResourceCreatePermission> permissionsForResourceClass 122  = permissionsForResourceDomain.get(resourceClassName); 123  if (permissionsForResourceClass == null) { 124  permissionsForResourceClass = new HashSet<>(); 125  permissionsForResourceDomain.put(resourceClassName, permissionsForResourceClass); 126  } 127  128  permissionsForResourceClass.add(getResourceCreateSysPermission(resultSet)); 129  } 130  resultSet.close(); 131  } 132  closeStatement(statement); 133  statement = null; 134  135  // then apply each domain's direct permissions to all its descendants 136  // !! DON'T UPDATE THE PERMISSION-MAP WHILE ITERATING OVER ITS KEY-SET !! (get a copy of the key-set instead) 137  Set<String> directDomainNames = new HashSet<>(createSysPermissionsMap.keySet()); 138  for (String directDomainName : directDomainNames) { 139  Set<String> descendentDomains = NonRecursivePersisterHelper.getDescendantDomainNames(sqlStrings, 140  connection, 141  directDomainName); 142  143  for (String descendentDomain : descendentDomains) { 144  Map<String, Set<ResourceCreatePermission>> permissionsForResourceDomain 145  = createSysPermissionsMap.get(descendentDomain); 146  if (permissionsForResourceDomain == null) { 147  permissionsForResourceDomain = new HashMap<>(); 148  createSysPermissionsMap.put(descendentDomain, permissionsForResourceDomain); 149  } 150  151  if (!descendentDomain.equals(directDomainName)) { 152  final Map<String, Set<ResourceCreatePermission>> sourceResourceClassPermissionsMap 153  = createSysPermissionsMap.get(directDomainName); 154  155  for (String resourceClassName : sourceResourceClassPermissionsMap.keySet()) { 156  Set<ResourceCreatePermission> permissionsForResourceClass 157  = permissionsForResourceDomain.get(resourceClassName); 158  if (permissionsForResourceClass == null) { 159  permissionsForResourceClass = new HashSet<>(); 160  permissionsForResourceDomain.put(resourceClassName, permissionsForResourceClass); 161  } 162  163  permissionsForResourceClass.addAll(sourceResourceClassPermissionsMap.get(resourceClassName)); 164  } 165  } 166  } 167  } 168  169  return createSysPermissionsMap; 170  } 171  catch (SQLException e) { 172  throw new RuntimeException(e); 173  } 174  finally { 175  closeStatement(statement); 176  } 177  } 178  179  @Override 180  public void removeAllResourceCreateSysPermissions(SQLConnection connection, 181  Id<DomainId> accessedDomainId) { 182  SQLStatement statement = null; 183  try { 184  // get descendant domain Ids 185  List<Id<DomainId>> descendantDomainIds 186  = new ArrayList<>(NonRecursivePersisterHelper.getDescendantDomainIdsOrderedByAscendingLevel(sqlStrings, 187  connection, 188  accessedDomainId)); 189  // delete domains' accessors (in reverse order of domainLevel, to preserve FK constraints) 190  statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantResourceCreatePermissionSys_BY_AccessedDomainId); 191  192  for (int i=descendantDomainIds.size()-1; i >= 0; i--) { 193  statement.setResourceDomainId(1, descendantDomainIds.get(i)); 194  statement.executeUpdate(); 195  } 196  } 197  catch (SQLException e) { 198  throw new RuntimeException(e); 199  } 200  finally { 201  closeStatement(statement); 202  } 203  } 204 }