[ all classes ] [ com.acciente.oacc.sql.internal.persister ]

Coverage Summary for Class: RecursiveGrantGlobalResourcePermissionPersister (com.acciente.oacc.sql.internal.persister)

Class Class, % Method, % Line, %
RecursiveGrantGlobalResourcePermissionPersister 100% (1/ 1) 100% (6/ 6) 75.3% (70/ 93)


1 /* 2  * Copyright 2009-2018, Acciente LLC 3  * 4  * Acciente LLC licenses this file to you under the 5  * Apache License, Version 2.0 (the "License"); you 6  * may not use this file except in compliance with the 7  * License. You may obtain a copy of the License at 8  * 9  * http://www.apache.org/licenses/LICENSE-2.0 10  * 11  * Unless required by applicable law or agreed to in 12  * writing, software distributed under the License is 13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES 14  * OR CONDITIONS OF ANY KIND, either express or implied. 15  * See the License for the specific language governing 16  * permissions and limitations under the License. 17  */ 18 package com.acciente.oacc.sql.internal.persister; 19  20 import com.acciente.oacc.Resource; 21 import com.acciente.oacc.ResourcePermission; 22 import com.acciente.oacc.sql.SQLProfile; 23 import com.acciente.oacc.sql.internal.persister.id.DomainId; 24 import com.acciente.oacc.sql.internal.persister.id.Id; 25 import com.acciente.oacc.sql.internal.persister.id.ResourceClassId; 26 import com.acciente.oacc.sql.internal.persister.id.ResourcePermissionId; 27  28 import java.io.Serializable; 29 import java.sql.SQLException; 30 import java.util.ArrayList; 31 import java.util.HashMap; 32 import java.util.HashSet; 33 import java.util.List; 34 import java.util.Map; 35 import java.util.Set; 36  37 public class RecursiveGrantGlobalResourcePermissionPersister extends CommonGrantGlobalResourcePermissionPersister implements Serializable { 38  private static final long serialVersionUID = 1L; 39  40  public RecursiveGrantGlobalResourcePermissionPersister(SQLProfile sqlProfile, 41  SQLStrings sqlStrings) { 42  super(sqlProfile, sqlStrings); 43  } 44  45  @Override 46  public Set<Resource> getResourcesByGlobalResourcePermission(SQLConnection connection, 47  Resource accessorResource, 48  Id<ResourceClassId> resourceClassId, 49  ResourcePermission resourcePermission, 50  Id<ResourcePermissionId> resourcePermissionId) { 51  if (resourcePermission.isSystemPermission()) { 52  throw new IllegalArgumentException("Permission: " + resourcePermission + " is not a non-system permission"); 53  } 54  55  SQLStatement statement = null; 56  try { 57  // get the list of objects of the specified type that the session has access to via global permissions 58  SQLResult resultSet; 59  Set<Resource> resources = new HashSet<>(); 60  61  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantGlobalResourcePermission_ResourceID_ExternalID_BY_AccessorID_ResourceClassID_PermissionID_IsWithGrant_ResourceClassID); 62  statement.setResourceId(1, accessorResource); 63  statement.setResourceClassId(2, resourceClassId); 64  statement.setResourcePermissionId(3, resourcePermissionId); 65  statement.setBoolean(4, resourcePermission.isWithGrantOption()); 66  statement.setResourceClassId(5, resourceClassId); 67  resultSet = statement.executeQuery(); 68  69  while (resultSet.next()) { 70  resources.add(resultSet.getResource("ResourceId", "ExternalId")); 71  } 72  resultSet.close(); 73  74  return resources; 75  } 76  catch (SQLException e) { 77  throw new RuntimeException(e); 78  } 79  finally { 80  closeStatement(statement); 81  } 82  } 83  84  @Override 85  public Set<Resource> getResourcesByGlobalResourcePermission(SQLConnection connection, 86  Resource accessorResource, 87  Id<ResourceClassId> resourceClassId, 88  Id<DomainId> resourceDomainId, 89  ResourcePermission resourcePermission, 90  Id<ResourcePermissionId> resourcePermissionId) { 91  if (resourcePermission.isSystemPermission()) { 92  throw new IllegalArgumentException("Permission: " + resourcePermission + " is not a non-system permission"); 93  } 94  95  SQLStatement statement = null; 96  try { 97  // get the list of objects of the specified type that the session has access to via global permissions 98  SQLResult resultSet; 99  Set<Resource> resources = new HashSet<>(); 100  101  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantGlobalResourcePermission_ResourceID_ExternalID_BY_AccessorID_DomainID_ResourceClassID_PermissionID_IsWithGrant_ResourceClassID); 102  statement.setResourceId(1, accessorResource); 103  statement.setResourceDomainId(2, resourceDomainId); 104  statement.setResourceClassId(3, resourceClassId); 105  statement.setResourcePermissionId(4, resourcePermissionId); 106  statement.setBoolean(5, resourcePermission.isWithGrantOption()); 107  statement.setResourceClassId(6, resourceClassId); 108  resultSet = statement.executeQuery(); 109  110  while (resultSet.next()) { 111  resources.add(resultSet.getResource("ResourceId", "ExternalId")); 112  } 113  resultSet.close(); 114  115  return resources; 116  } 117  catch (SQLException e) { 118  throw new RuntimeException(e); 119  } 120  finally { 121  closeStatement(statement); 122  } 123  } 124  125  @Override 126  public Set<ResourcePermission> getGlobalResourcePermissionsIncludeInherited(SQLConnection connection, 127  Resource accessorResource, 128  Id<ResourceClassId> resourceClassId, 129  Id<DomainId> resourceDomainId) { 130  SQLStatement statement = null; 131  try { 132  // collect the system permissions that the accessor has to the accessed resource 133  SQLResult resultSet; 134  Set<ResourcePermission> resourcePermissions = new HashSet<>(); 135  136  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantGlobalResourcePermission_PermissionName_IsWithGrant_BY_AccessorID_AccessedDomainID_ResourceClassID); 137  statement.setResourceId(1, accessorResource); 138  statement.setResourceDomainId(2, resourceDomainId); 139  statement.setResourceClassId(3, resourceClassId); 140  resultSet = statement.executeQuery(); 141  142  while (resultSet.next()) { 143  resourcePermissions.add(getResourcePermission(resultSet)); 144  } 145  resultSet.close(); 146  147  return resourcePermissions; 148  } 149  catch (SQLException e) { 150  throw new RuntimeException(e); 151  } 152  finally { 153  closeStatement(statement); 154  } 155  } 156  157  @Override 158  public Map<String, Map<String, Set<ResourcePermission>>> getGlobalResourcePermissionsIncludeInherited(SQLConnection connection, 159  Resource accessorResource) { 160  SQLStatement statement = null; 161  try { 162  // collect the non-system permissions that the accessor has 163  SQLResult resultSet; 164  final Map<String, Map<String, Set<ResourcePermission>>> globalPermissionsMap = new HashMap<>(); 165  166  statement = connection.prepareStatement(sqlStrings.SQL_findInGrantGlobalResourcePermission_ResourceDomainName_ResourceClassName_PermissionName_IsWithGrant_BY_AccessorID); 167  statement.setResourceId(1, accessorResource); 168  resultSet = statement.executeQuery(); 169  170  while (resultSet.next()) { 171  final String resourceDomainName; 172  final String resourceClassName; 173  Map<String, Set<ResourcePermission>> permissionsForResourceDomain; 174  Set<ResourcePermission> resourcePermissionsForResourceClass; 175  176  resourceDomainName = resultSet.getString("DomainName"); 177  resourceClassName = resultSet.getString("ResourceClassName"); 178  179  if ((permissionsForResourceDomain = globalPermissionsMap.get(resourceDomainName)) == null) { 180  globalPermissionsMap.put(resourceDomainName, 181  permissionsForResourceDomain = new HashMap<>()); 182  } 183  184  if ((resourcePermissionsForResourceClass = permissionsForResourceDomain.get(resourceClassName)) == null) { 185  permissionsForResourceDomain.put(resourceClassName, 186  resourcePermissionsForResourceClass = new HashSet<>()); 187  } 188  189  resourcePermissionsForResourceClass.add(getResourcePermission(resultSet)); 190  } 191  resultSet.close(); 192  193  return globalPermissionsMap; 194  } 195  catch (SQLException e) { 196  throw new RuntimeException(e); 197  } 198  finally { 199  closeStatement(statement); 200  } 201  } 202  203  @Override 204  public void removeAllGlobalResourcePermissions(SQLConnection connection, 205  Id<DomainId> accessedDomainId) { 206  207  SQLStatement statement = null; 208  try { 209  // chose strategy to perform recursive delete based on sql profile 210  if (sqlProfile.isRecursiveDeleteEnabled()) { 211  // prepare the standard recursive delete statement for domain and its children 212  statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantGlobalResourcePermission_withDescendants_BY_AccessedDomainId); 213  214  // revoke any existing non-system permissions any accessor has to this domain + any resource class 215  statement.setResourceDomainId(1, accessedDomainId); 216  statement.executeUpdate(); 217  } 218  else { 219  // DBMS doesn't support recursive deletion, so we have to remove domain's children's accessors first 220  221  // get descendant domain Ids 222  statement = connection.prepareStatement(sqlStrings.SQL_findInDomain_DescendantResourceDomainID_BY_DomainID_ORDERBY_DomainLevel); 223  statement.setResourceDomainId(1, accessedDomainId); 224  SQLResult resultSet = statement.executeQuery(); 225  226  List<Id<DomainId>> descendantDomainIds = new ArrayList<>(); 227  228  while (resultSet.next()) { 229  descendantDomainIds.add(resultSet.getResourceDomainId("DomainId")); 230  } 231  closeStatement(statement); 232  233  // delete domains' accessors (in reverse order of domainLevel, to preserve FK constraints) 234  statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantGlobalResourcePermission_BY_AccessedDomainId); 235  236  for (int i=descendantDomainIds.size()-1; i >= 0; i--) { 237  statement.setResourceDomainId(1, descendantDomainIds.get(i)); 238  statement.executeUpdate(); 239  } 240  } 241  } 242  catch (SQLException e) { 243  throw new RuntimeException(e); 244  } 245  finally { 246  closeStatement(statement); 247  } 248  } 249 }
generated on 2018-10-11 15:50