Coverage Summary for Class: RecursiveGrantResourceCreatePermissionSysPersister (com.acciente.oacc.sql.internal.persister)

Class	Class, %	Method, %	Line, %
RecursiveGrantResourceCreatePermissionSysPersister	100% (1/ 1)	100% (4/ 4)	69.6% (39/ 56)
1 /*
2  * Copyright 2009-2018, Acciente LLC
3  *
4  * Acciente LLC licenses this file to you under the
5  * Apache License, Version 2.0 (the "License"); you
6  * may not use this file except in compliance with the
7  * License. You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in
12  * writing, software distributed under the License is
13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
14  * OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing
16  * permissions and limitations under the License.
17  */
18 package com.acciente.oacc.sql.internal.persister;
19 
20 import com.acciente.oacc.Resource;
21 import com.acciente.oacc.ResourceCreatePermission;
22 import com.acciente.oacc.sql.SQLProfile;
23 import com.acciente.oacc.sql.internal.persister.id.DomainId;
24 import com.acciente.oacc.sql.internal.persister.id.Id;
25 import com.acciente.oacc.sql.internal.persister.id.ResourceClassId;
26 
27 import java.io.Serializable;
28 import java.sql.SQLException;
29 import java.util.ArrayList;
30 import java.util.HashMap;
31 import java.util.HashSet;
32 import java.util.List;
33 import java.util.Map;
34 import java.util.Set;
35 
36 public class RecursiveGrantResourceCreatePermissionSysPersister extends CommonGrantResourceCreatePermissionSysPersister implements Serializable {
37    private static final long serialVersionUID = 1L;
38 
39    public RecursiveGrantResourceCreatePermissionSysPersister(SQLProfile sqlProfile,
40                                                              SQLStrings sqlStrings) {
41       super(sqlProfile, sqlStrings);
42    }
43 
44    @Override
45    public Set<ResourceCreatePermission> getResourceCreateSysPermissionsIncludeInherited(SQLConnection connection,
46                                                                                         Resource accessorResource,
47                                                                                         Id<ResourceClassId> resourceClassId,
48                                                                                         Id<DomainId> resourceDomainId) {
49       SQLStatement statement = null;
50 
51       try {
52          SQLResult resultSet;
53          Set<ResourceCreatePermission> resourceCreatePermissions = new HashSet<>();
54 
55          // collect the system permissions the accessor has to the specified resource class
56          statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionSys_SysPermissionId_IsWithGrant_BY_AccessorID_AccessedDomainID_ResourceClassID);
57          statement.setResourceId(1, accessorResource);
58          statement.setResourceDomainId(2, resourceDomainId);
59          statement.setResourceClassId(3, resourceClassId);
60          resultSet = statement.executeQuery();
61 
62          while (resultSet.next()) {
63             resourceCreatePermissions.add(getResourceCreateSysPermission(resultSet));
64          }
65          resultSet.close();
66 
67          return resourceCreatePermissions;
68       }
69       catch (SQLException e) {
70          throw new RuntimeException(e);
71       }
72       finally {
73          closeStatement(statement);
74       }
75    }
76 
77    @Override
78    public Map<String, Map<String, Set<ResourceCreatePermission>>> getResourceCreateSysPermissionsIncludeInherited(
79          SQLConnection connection,
80          Resource accessorResource) {
81       SQLStatement statement = null;
82 
83       try {
84          Map<String, Map<String, Set<ResourceCreatePermission>>> createSysPermissionsMap = new HashMap<>();
85          SQLResult resultSet;
86 
87          // collect the system permissions that the accessor has and add it to createALLPermissionsMap
88          statement = connection.prepareStatement(sqlStrings.SQL_findInGrantResourceCreatePermissionSys_ResourceDomainName_ResourceClassName_SysPermissionId_IsWithGrant_BY_AccessorID);
89          statement.setResourceId(1, accessorResource);
90          resultSet = statement.executeQuery();
91 
92          while (resultSet.next()) {
93             final String resourceDomainName;
94             final String resourceClassName;
95             Map<String, Set<ResourceCreatePermission>> permissionsForResourceDomain;
96             Set<ResourceCreatePermission> permissionsForResourceClass;
97 
98             resourceDomainName = resultSet.getString("DomainName");
99             resourceClassName = resultSet.getString("ResourceClassName");
100 
101             if ((permissionsForResourceDomain = createSysPermissionsMap.get(resourceDomainName)) == null) {
102                createSysPermissionsMap.put(resourceDomainName,
103                                            permissionsForResourceDomain = new HashMap<>());
104             }
105 
106             if ((permissionsForResourceClass = permissionsForResourceDomain.get(resourceClassName)) == null) {
107                permissionsForResourceDomain.put(resourceClassName,
108                                                 permissionsForResourceClass = new HashSet<>());
109             }
110 
111             permissionsForResourceClass.add(getResourceCreateSysPermission(resultSet));
112          }
113          resultSet.close();
114 
115          return createSysPermissionsMap;
116       }
117       catch (SQLException e) {
118          throw new RuntimeException(e);
119       }
120       finally {
121          closeStatement(statement);
122       }
123    }
124 
125    @Override
126    public void removeAllResourceCreateSysPermissions(SQLConnection connection,
127                                                      Id<DomainId> accessedDomainId) {
128       SQLStatement statement = null;
129       try {
130          // chose strategy to perform recursive delete based on sql profile
131          if (sqlProfile.isRecursiveDeleteEnabled()) {
132             // prepare the standard recursive delete statement for domain and its children
133             statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantResourceCreatePermissionSys_withDescendants_BY_AccessedDomainId);
134 
135             // revoke any existing create system permissions any accessor has to this domain + any resource class
136             statement.setResourceDomainId(1, accessedDomainId);
137             statement.executeUpdate();
138          }
139          else {
140             // DBMS doesn't support recursive deletion, so we have to remove domain's children's accessors first
141 
142             // get descendant domain Ids
143             statement = connection.prepareStatement(sqlStrings.SQL_findInDomain_DescendantResourceDomainID_BY_DomainID_ORDERBY_DomainLevel);
144             statement.setResourceDomainId(1, accessedDomainId);
145             SQLResult resultSet = statement.executeQuery();
146 
147             List<Id<DomainId>> descendantDomainIds = new ArrayList<>();
148 
149             while (resultSet.next()) {
150                descendantDomainIds.add(resultSet.getResourceDomainId("DomainId"));
151             }
152             closeStatement(statement);
153 
154             // delete domains' accessors (in reverse order of domainLevel, to preserve FK constraints)
155             statement = connection.prepareStatement(sqlStrings.SQL_removeInGrantResourceCreatePermissionSys_BY_AccessedDomainId);
156 
157             for (int i=descendantDomainIds.size()-1; i >= 0; i--) {
158                statement.setResourceDomainId(1, descendantDomainIds.get(i));
159                statement.executeUpdate();
160             }
161          }
162       }
163       catch (SQLException e) {
164          throw new RuntimeException(e);
165       }
166       finally {
167          closeStatement(statement);
168       }
169    }
170 
171 }