1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package fr.paris.lutece.portal.business.rbac;
35
36 import fr.paris.lutece.util.sql.DAOUtil;
37
38 import java.util.ArrayList;
39 import java.util.Collection;
40
41
42
43
44
45 public final class RBACDAO implements IRBACDAO
46 {
47
48 private static final String SQL_QUERY_NEW_PK = " SELECT max( rbac_id ) FROM core_admin_role_resource ";
49 private static final String SQL_QUERY_SELECT = " SELECT rbac_id, role_key, resource_type, resource_id, permission FROM core_admin_role_resource WHERE rbac_id = ? ";
50 private static final String SQL_QUERY_INSERT = " INSERT INTO core_admin_role_resource ( rbac_id, role_key, resource_type, resource_id, permission ) VALUES ( ?, ?, ?, ?, ? ) ";
51 private static final String SQL_QUERY_DELETE = " DELETE FROM core_admin_role_resource WHERE rbac_id = ? ";
52 private static final String SQL_QUERY_UPDATE = " UPDATE core_admin_role_resource SET rbac_id = ?, role_key = ?, resource_type = ?, resource_id = ?, permission = ? WHERE rbac_id = ? ";
53 private static final String SQL_QUERY_SELECTALL = " SELECT rbac_id, role_key, resource_type, resource_id, permission FROM core_admin_role_resource ";
54 private static final String SQL_QUERY_SELECT_BY_ROLE = " SELECT rbac_id, role_key, resource_type, resource_id, permission FROM core_admin_role_resource WHERE role_key = ? ORDER BY resource_type,resource_id,permission ";
55 private static final String SQL_QUERY_UPDATE_ROLES = " UPDATE core_admin_role_resource SET role_key = ? WHERE role_key = ? ";
56 private static final String SQL_QUERY_DELETE_FOR_ROLE_KEY = " DELETE FROM core_admin_role_resource WHERE role_key = ? ";
57
58
59 private static final String SQL_QUERY_SELECT_ROLE_KEYS = " SELECT DISTINCT role_key FROM core_admin_role_resource " +
60 " WHERE resource_type = ? AND " + "( resource_id = ? OR resource_id= ? ) AND" +
61 "( permission = ? OR permission= ? )";
62
63
64
65
66
67 int newPrimaryKey( )
68 {
69 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_NEW_PK );
70 daoUtil.executeQuery( );
71
72 int nKey;
73
74 if ( !daoUtil.next( ) )
75 {
76
77 nKey = 1;
78 }
79
80 nKey = daoUtil.getInt( 1 ) + 1;
81
82 daoUtil.free( );
83
84 return nKey;
85 }
86
87
88
89
90
91
92 public synchronized void insert( RBAC rBAC )
93 {
94 rBAC.setRBACId( newPrimaryKey( ) );
95
96 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_INSERT );
97 daoUtil.setInt( 1, rBAC.getRBACId( ) );
98 daoUtil.setString( 2, rBAC.getRoleKey( ) );
99 daoUtil.setString( 3, rBAC.getResourceTypeKey( ) );
100 daoUtil.setString( 4, rBAC.getResourceId( ) );
101 daoUtil.setString( 5, rBAC.getPermissionKey( ) );
102
103 daoUtil.executeUpdate( );
104 daoUtil.free( );
105 }
106
107
108
109
110
111
112
113 public RBAC load( int nRBACId )
114 {
115 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECT );
116 daoUtil.setInt( 1, nRBACId );
117 daoUtil.executeQuery( );
118
119 RBAC rBAC = null;
120
121 if ( daoUtil.next( ) )
122 {
123 rBAC = new RBAC( );
124 rBAC.setRBACId( daoUtil.getInt( 1 ) );
125 rBAC.setRoleKey( daoUtil.getString( 2 ) );
126 rBAC.setResourceTypeKey( daoUtil.getString( 3 ) );
127 rBAC.setResourceId( daoUtil.getString( 4 ) );
128 rBAC.setPermissionKey( daoUtil.getString( 5 ) );
129 }
130
131 daoUtil.free( );
132
133 return rBAC;
134 }
135
136
137
138
139
140 public void delete( int nRBACId )
141 {
142 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_DELETE );
143 daoUtil.setInt( 1, nRBACId );
144
145 daoUtil.executeUpdate( );
146 daoUtil.free( );
147 }
148
149
150
151
152
153 public void store( RBAC rBAC )
154 {
155 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_UPDATE );
156 daoUtil.setInt( 1, rBAC.getRBACId( ) );
157 daoUtil.setString( 2, rBAC.getRoleKey( ) );
158 daoUtil.setString( 3, rBAC.getResourceTypeKey( ) );
159 daoUtil.setString( 4, rBAC.getResourceId( ) );
160 daoUtil.setString( 5, rBAC.getPermissionKey( ) );
161 daoUtil.setInt( 6, rBAC.getRBACId( ) );
162
163 daoUtil.executeUpdate( );
164 daoUtil.free( );
165 }
166
167
168
169
170
171 public Collection<RBAC> selectRBACList( )
172 {
173 Collection<RBAC> listRBACs = new ArrayList<RBAC>( );
174 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECTALL );
175 daoUtil.executeQuery( );
176
177 while ( daoUtil.next( ) )
178 {
179 RBAC rBAC = new RBAC( );
180 rBAC.setRBACId( daoUtil.getInt( 1 ) );
181 rBAC.setRoleKey( daoUtil.getString( 2 ) );
182 rBAC.setResourceTypeKey( daoUtil.getString( 3 ) );
183 rBAC.setResourceId( daoUtil.getString( 4 ) );
184 rBAC.setPermissionKey( daoUtil.getString( 5 ) );
185
186 listRBACs.add( rBAC );
187 }
188
189 daoUtil.free( );
190
191 return listRBACs;
192 }
193
194
195
196
197
198
199 public Collection<RBAC> selectRBACListByRoleKey( String strRoleKey )
200 {
201 Collection<RBAC> listRBACs = new ArrayList<RBAC>( );
202 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECT_BY_ROLE );
203 daoUtil.setString( 1, strRoleKey );
204 daoUtil.executeQuery( );
205
206 while ( daoUtil.next( ) )
207 {
208 RBAC rBAC = new RBAC( );
209 rBAC.setRBACId( daoUtil.getInt( 1 ) );
210 rBAC.setRoleKey( daoUtil.getString( 2 ) );
211 rBAC.setResourceTypeKey( daoUtil.getString( 3 ) );
212 rBAC.setResourceId( daoUtil.getString( 4 ) );
213 rBAC.setPermissionKey( daoUtil.getString( 5 ) );
214
215 listRBACs.add( rBAC );
216 }
217
218 daoUtil.free( );
219
220 return listRBACs;
221 }
222
223
224
225
226
227
228 public void updateRoleKey( String strOldRoleKey, String strNewRoleKey )
229 {
230 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_UPDATE_ROLES );
231 daoUtil.setString( 1, strNewRoleKey );
232 daoUtil.setString( 2, strOldRoleKey );
233
234 daoUtil.executeUpdate( );
235 daoUtil.free( );
236 }
237
238
239
240
241
242 public void deleteForRoleKey( String strRoleKey )
243 {
244 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_DELETE_FOR_ROLE_KEY );
245 daoUtil.setString( 1, strRoleKey );
246
247 daoUtil.executeUpdate( );
248 daoUtil.free( );
249 }
250
251
252
253
254
255
256
257 public Collection<String> selectRoleKeys( String strTypeCode, String strId, String strPermission )
258 {
259 Collection<String> listRoleKeys = new ArrayList<String>( );
260 DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECT_ROLE_KEYS );
261 daoUtil.setString( 1, strTypeCode );
262
263 daoUtil.setString( 2, strId );
264 daoUtil.setString( 3, RBAC.WILDCARD_RESOURCES_ID );
265
266 daoUtil.setString( 4, strPermission );
267 daoUtil.setString( 5, RBAC.WILDCARD_PERMISSIONS_KEY );
268
269 daoUtil.executeQuery( );
270
271 while ( daoUtil.next( ) )
272 {
273 daoUtil.getString( 1 );
274 listRoleKeys.add( daoUtil.getString( 1 ) );
275 }
276
277 daoUtil.free( );
278
279 return listRoleKeys;
280 }
281 }