View Javadoc
1 /*** 2 * The contents of this file are subject to the Mozilla Public 3 * License Version 1.1 (the "License"); you may not use this file 4 * except in compliance with the License. You may obtain a copy of 5 * the License at http://www.mozilla.org/MPL/ 6 * 7 * Software distributed under the License is distributed on an "AS 8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or 9 * implied. See the License for the specific language governing 10 * rights and limitations under the License. 11 * 12 * The Original Code is pow2ACL library. 13 * 14 * The Initial Owner of the Original Code is Power Of Two S.R.L. 15 * Portions created by Power Of Two S.R.L. are Copyright (C) Power Of Two S.R.L. 16 * All Rights Reserved. 17 * 18 * Contributor(s): 19 */ 20 21 package com.pow2.acl.dao; 22 23 import java.sql.*; 24 import java.util.ArrayList; 25 import java.util.Iterator; 26 import java.util.ResourceBundle; 27 28 import org.apache.log4j.Category; 29 30 import com.pow2.dao.AbstractDAO; 31 import com.pow2.acl.*; 32 import com.pow2.util.Util; 33 import com.pow2.user.User; 34 35 /*** 36 * Data access object for ACL. 37 * 38 * @author Luca Fossato 39 * @created 8 aprile 2002 40 */ 41 public class ACLDAO extends AbstractDAO 42 { 43 /*** an handle to the unique DAO instance. */ 44 private static ACLDAO instance = null; 45 46 /*** query resource strings; */ 47 static ResourceBundle res = null; 48 49 private String isUserInGroupQuery; 50 private String isUserInRoleQuery; 51 private String isUserInRole2Query; 52 private String getUserGroupsQuery; 53 private String getUserRolesQuery; 54 private String getUserRoles2Query; 55 private String getRolePermissionsQuery; 56 57 58 /*** Default protected constructor. */ 59 protected ACLDAO() 60 { 61 super(); 62 63 // load the query strings from QueryRes.properties file; 64 res = ResourceBundle.getBundle("com.pow2.acl.dao.QueryRes"); 65 isUserInGroupQuery = res.getString("isUserInGroup"); 66 isUserInRoleQuery = res.getString("isUserInRole"); 67 isUserInRole2Query = res.getString("isUserInRole2"); 68 getUserGroupsQuery = res.getString("getUserGroups"); 69 getUserRolesQuery = res.getString("getUserRoles"); 70 getUserRoles2Query = res.getString("getUserRoles2"); 71 getRolePermissionsQuery = res.getString("getRolePermissions"); 72 } 73 74 75 /*** 76 * Get the instance of DAO class. 77 * 78 * @return the instance of DAO class. 79 */ 80 public static synchronized ACLDAO instance() 81 { 82 if (instance == null) 83 { 84 instance = new ACLDAO(); 85 } 86 return instance; 87 } 88 89 90 /*** 91 * Check if the user belongs to the input group. 92 * 93 * @param user the user. 94 * @param group the group wich the user should belong to. 95 * @return true if the user belongs to the group, false otherwise. 96 * @exception Exception if the query fails. 97 */ 98 public boolean isUserInGroup(User user, Group group) throws Exception 99 { 100 Connection con = null; 101 PreparedStatement ps = null; 102 ResultSet rs = null; 103 int i = 0; 104 boolean found = false; 105 106 try 107 { 108 con = getConnection(); 109 ps = con.prepareStatement(isUserInGroupQuery); 110 ps.setString(1, user.getId()); 111 ps.setString(2, group.getName()); 112 rs = ps.executeQuery(); 113 114 while (rs.next()) 115 { 116 i = rs.getInt("RES"); 117 } 118 } 119 finally 120 { 121 closeResources(rs, ps, con, true); 122 } 123 124 found = (i > 0); 125 126 if (cat.isDebugEnabled()) 127 { 128 cat.debug(new StringBuffer("::isUserInGroup - user [id="). 129 append(user.getId()). 130 append(", "). 131 append(user.getFirstName()). 132 append("] is in group ["). 133 append(group.getName()). 134 append("] ? "). 135 append(found)); 136 } 137 138 return found; 139 } 140 141 142 /*** 143 * Check if the user has got the input role. 144 * 145 * @param user Description of the Parameter 146 * @param role Description of the Parameter 147 * @return true if the user has got the input role, false otherwise. 148 * @exception Exception if the query fails. 149 */ 150 public boolean isUserInRole(User user, Role role) throws Exception 151 { 152 Connection con = null; 153 PreparedStatement ps = null; 154 ResultSet rs = null; 155 int i = 0; 156 boolean found = false; 157 158 try 159 { 160 con = getConnection(); 161 ps = con.prepareStatement(isUserInRoleQuery); 162 ps.setString(1, user.getId()); 163 ps.setString(2, role.getName()); 164 rs = ps.executeQuery(); 165 166 while (rs.next()) 167 { 168 i = rs.getInt("RES"); 169 } 170 } finally 171 { 172 closeResources(rs, ps, con, true); 173 } 174 175 found = (i > 0); 176 177 if (cat.isDebugEnabled()) 178 { 179 cat.debug(new StringBuffer("::isUserInRole - user [id="). 180 append(user.getId()). 181 append(", "). 182 append(user.getFirstName()). 183 append("] is in role ["). 184 append(role.getName()). 185 append("] ? "). 186 append(found)); 187 } 188 189 return found; 190 } 191 192 193 /*** 194 * Check if the user belonging to the input group has got the input role. 195 * 196 * @param user the user. 197 * @param group the group wich the user belongs to. 198 * @param role the role that the user should have. 199 * @return true if the user has got the input role, false otherwise. 200 * @exception Exception if the query fails. 201 */ 202 public boolean isUserInRole(User user, Group group, Role role) throws Exception 203 { 204 Connection con = null; 205 PreparedStatement ps = null; 206 ResultSet rs = null; 207 int i = 0; 208 boolean found = false; 209 210 try 211 { 212 con = getConnection(); 213 ps = con.prepareStatement(isUserInRole2Query); 214 ps.setString(1, user.getId()); 215 ps.setString(2, group.getName()); 216 ps.setString(3, role.getName()); 217 rs = ps.executeQuery(); 218 219 while (rs.next()) 220 { 221 i = rs.getInt("RES"); 222 } 223 } finally 224 { 225 closeResources(rs, ps, con, true); 226 } 227 228 found = (i > 0); 229 230 if (cat.isDebugEnabled()) 231 { 232 cat.debug(new StringBuffer("::isUserInRole - user [id="). 233 append(user.getId()). 234 append(", "). 235 append(user.getFirstName()). 236 append("] in group ["). 237 append(group.getName()). 238 append("] is in role ["). 239 append(role.getName()). 240 append("] ? "). 241 append(found)); 242 } 243 244 return found; 245 } 246 247 248 /*** 249 * Get all the groups for the user. 250 * 251 * @param user Description of the Parameter 252 * @return an ArrayList of group objects. 253 * @exception Exception if the query fails. 254 */ 255 public ArrayList getUserGroups(User user) throws Exception 256 { 257 Connection con = null; 258 PreparedStatement ps = null; 259 ResultSet rs = null; 260 Group group = null; 261 ArrayList list = new ArrayList(); 262 StringBuffer groups = new StringBuffer(); 263 int i = 0; 264 265 try 266 { 267 con = getConnection(); 268 ps = con.prepareStatement(getUserGroupsQuery); 269 ps.setString(1, user.getId()); 270 rs = ps.executeQuery(); 271 272 while (rs.next()) 273 { 274 group = new Group(); 275 group.setId(rs.getInt("ID")); 276 group.setName(rs.getString("NAME")); 277 list.add(group); 278 279 // adding this group to the group list; 280 // after the loop, should remove the last ',' char... 281 groups.append(group.getName()).append(", "); 282 } 283 } finally 284 { 285 closeResources(rs, ps, con, true); 286 } 287 288 if (cat.isDebugEnabled()) 289 { 290 cat.debug(new StringBuffer("::getUserGroups - user [id="). 291 append(user.getId()). 292 append(", "). 293 append(user.getFirstName()). 294 append("] belongs to the groups ["). 295 append(groups). 296 append("]")); 297 } 298 299 return list; 300 } 301 302 303 /*** 304 * Get all the roles for the user. 305 * 306 * @param user Description of the Parameter 307 * @return an ArrayList of role objects. 308 * @exception Exception if the query fails. 309 */ 310 public ArrayList getUserRoles(User user) throws Exception 311 { 312 Connection con = null; 313 PreparedStatement ps = null; 314 ResultSet rs = null; 315 Role role = null; 316 StringBuffer roles = new StringBuffer(); 317 ArrayList list = new ArrayList(); 318 int i = 0; 319 320 try 321 { 322 con = getConnection(); 323 ps = con.prepareStatement(getUserRolesQuery); 324 ps.setString(1, user.getId()); 325 rs = ps.executeQuery(); 326 327 while (rs.next()) 328 { 329 role = new Role(); 330 role.setId(rs.getInt("ID")); 331 role.setName(rs.getString("NAME")); 332 list.add(role); 333 334 // adding this role to the role list; 335 // after the loop, should remove the last ',' char... 336 roles.append(role.getName()).append(", "); 337 } 338 } finally 339 { 340 closeResources(rs, ps, con, true); 341 } 342 343 if (cat.isDebugEnabled()) 344 { 345 cat.debug(new StringBuffer("::getUserRoles - user [id="). 346 append(user.getId()). 347 append(", "). 348 append(user.getFirstName()). 349 append("] is in roles ["). 350 append(roles). 351 append("]")); 352 } 353 354 return list; 355 } 356 357 358 /*** 359 * Get all the roles for the user belonging to the input group. 360 * 361 * @param user the user. 362 * @param group the group wich the user belongs to. 363 * @return an ArrayList of role objects. 364 * @exception Exception if the query fails. 365 */ 366 public ArrayList getUserRoles(User user, Group group) throws Exception 367 { 368 Connection con = null; 369 PreparedStatement ps = null; 370 ResultSet rs = null; 371 Role role = null; 372 StringBuffer roles = new StringBuffer(); 373 ArrayList list = new ArrayList(); 374 int i = 0; 375 376 try 377 { 378 con = getConnection(); 379 ps = con.prepareStatement(getUserRoles2Query); 380 381 ps.setString(1, group.getName()); 382 ps.setString(2, user.getId()); 383 rs = ps.executeQuery(); 384 385 while (rs.next()) 386 { 387 role = new Role(); 388 role.setId(rs.getInt("ID")); 389 role.setName(rs.getString("NAME")); 390 list.add(role); 391 392 // adding this role to the role list; 393 // after the loop, should remove the last ',' char... 394 roles.append(role.getName()).append(", "); 395 } 396 } 397 finally 398 { 399 closeResources(rs, ps, con, true); 400 } 401 402 if (cat.isDebugEnabled()) 403 { 404 cat.debug(new StringBuffer("::getUserRoles - user [id="). 405 append(user.getId()). 406 append(", "). 407 append(user.getFirstName()). 408 append("] in group ["). 409 append(group.getName()). 410 append("] is in roles ["). 411 append(roles). 412 append("]")); 413 } 414 415 return list; 416 } 417 418 419 /*** 420 * Get all the permissions for the input role. 421 * 422 * @param role Description of the Parameter 423 * @return an ArrayList of role objects. 424 * @exception Exception if the query fails. 425 */ 426 public ArrayList getRolePermissions(Role role) throws Exception 427 { 428 Connection con = null; 429 PreparedStatement ps = null; 430 ResultSet rs = null; 431 int i = 0; 432 Permission perm = null; 433 StringBuffer perms = new StringBuffer(); 434 ArrayList list = new ArrayList(); 435 436 try 437 { 438 con = getConnection(); 439 ps = con.prepareStatement(getRolePermissionsQuery); 440 ps.setLong(1, role.getId()); 441 rs = ps.executeQuery(); 442 443 while (rs.next()) 444 { 445 perm = new Permission(); 446 perm.setId(rs.getInt("ID")); 447 perm.setName(rs.getString("NAME")); 448 list.add(perm); 449 450 // adding this permission to the permission list; 451 // after the loop, should remove the last ',' char... 452 perms.append(perm.getName()).append(", "); 453 } 454 } 455 finally 456 { 457 closeResources(rs, ps, con, true); 458 } 459 460 if (cat.isDebugEnabled()) 461 { 462 cat.debug(new StringBuffer("::getRolePermissions - role ["). 463 append(role.getName()). 464 append("] has permissions ["). 465 append(perms). 466 append("]")); 467 } 468 469 return list; 470 } 471 472 473 /*** 474 * Check if the user has got the input permission. 475 * 476 * @param user the user. 477 * @param permission Description of the Parameter 478 * @return true if the user has got the input permission, false otherwise. 479 * @exception Exception if the query fails. 480 */ 481 public boolean hasUserPermission(User user, Permission permission) throws Exception 482 { 483 Role role = null; 484 Iterator it = null; 485 ArrayList roles = new ArrayList(); 486 ArrayList permissions = new ArrayList(); 487 StringBuffer log = new StringBuffer(); 488 489 if (cat.isDebugEnabled()) 490 { 491 log.append("::hasUserPermission - user [id="). 492 append(user.getId()). 493 append(", "). 494 append(user.getFirstName()). 495 append("] has permission ["). 496 append(permission.getName() + "] ? "); 497 } 498 499 // check all the user roles permissions; 500 if ((roles = getUserRoles(user)).size() > 0) 501 { 502 it = roles.iterator(); 503 while (it.hasNext()) 504 { 505 permissions = getRolePermissions((Role) it.next()); 506 if (findPermission(permission, permissions)) 507 { 508 if (cat.isDebugEnabled()) 509 { 510 cat.debug(log.append("yes").toString()); 511 } 512 return true; 513 } 514 } 515 } 516 517 if (cat.isDebugEnabled()) 518 { 519 cat.debug(log.append("no")); 520 } 521 522 return false; 523 } 524 525 526 /*** 527 * Check if the user belonging to the input group has got the input permission. 528 * 529 * @param user the user. 530 * @param group the group wich the user belongs to. 531 * @param permission Description of the Parameter 532 * @return true if the user has got the input permission, false otherwise. 533 * @exception Exception if the query fails. 534 */ 535 public boolean hasUserPermission(User user, Group group, Permission permission) throws Exception 536 { 537 Role role = null; 538 Iterator it = null; 539 ArrayList roles = new ArrayList(); 540 ArrayList permissions = new ArrayList(); 541 StringBuffer log = new StringBuffer(); 542 543 if (cat.isDebugEnabled()) 544 { 545 log.append("::hasUserPermission - user [id="). 546 append(user.getId()). 547 append(", "). 548 append(user.getFirstName()). 549 append("] in group ["). 550 append(group.getName()). 551 append("] has permission ["). 552 append(permission.getName()). 553 append("] ? "); 554 } 555 556 // check all the user roles permissions; 557 if ((roles = getUserRoles(user, group)).size() > 0) 558 { 559 it = roles.iterator(); 560 while (it.hasNext()) 561 { 562 permissions = getRolePermissions((Role) it.next()); 563 if (findPermission(permission, permissions)) 564 { 565 if (cat.isDebugEnabled()) 566 { 567 cat.debug(log.append("yes").toString()); 568 } 569 return true; 570 } 571 } 572 } 573 574 if (cat.isDebugEnabled()) 575 { 576 cat.debug(log.append("no").toString()); 577 } 578 579 return false; 580 } 581 582 583 /*** 584 * Check if the input array list contains a Permission object with the same name as 585 * the input permission. 586 * 587 * @param permission Description of the Parameter 588 * @param list Description of the Parameter 589 * @return true if the input array list contains a Permission object whose name matches 590 * the input Permission object name; false otherwise. 591 */ 592 private boolean findPermission(Permission permission, ArrayList list) 593 { 594 Iterator it = list.iterator(); 595 String name = permission.getName(); 596 597 // should implement object.equals(); 598 while (it.hasNext()) 599 { 600 if (((Permission) it.next()).getName().compareTo(name) == 0) 601 { 602 return true; 603 } 604 } 605 606 return false; 607 } 608 }

This page was automatically generated by Maven