1 package org.restafarian.authorization.data.managers;
2
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import java.util.Map;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.restafarian.authorization.beans.Authorization;
import org.restafarian.core.beans.Person;
24
/**
 * <p>Data-access manager for {@link Authorization} records and for the
 * {@link Person} records they reference.</p>
 */
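public class AuthorizationManager {
    private static Log log = LogFactory.getLog(AuthorizationManager.class);
    private static DataSource dataSource = getDataSource();

    /**
     * Columns of the authorization table that a lookup may filter on. The
     * filter Maps passed by callers use the same names as keys. Column names
     * in generated SQL come only from this fixed list, never from input.
     */
    private static final String[] FILTER_COLUMNS = {"context", "object", "method", "qualifier", "userId"};

    /** Shared select/from clause, ending with an open "where". */
    private static final String AUTHORIZATION_SELECT =
            " select\n"
            + "   a.id,\n"
            + "   a.active,\n"
            + "   a.context,\n"
            + "   a.object,\n"
            + "   a.method,\n"
            + "   a.qualifier,\n"
            + "   a.userId,\n"
            + "   b.name as userName,\n"
            + "   b.uri as userUri,\n"
            + "   a.activationDate,\n"
            + "   a.activatedBy,\n"
            + "   c.name as activatedByName,\n"
            + "   c.uri as activatedByUri,\n"
            + "   a.deactivationDate,\n"
            + "   a.deactivatedBy,\n"
            + "   d.name as deactivatedByName,\n"
            + "   d.uri as deactivatedByUri\n"
            + " from\n"
            + "   authorization a\n"
            + "   left outer join user b on a.userId = b.id\n"
            + "   left outer join user c on a.activatedBy = c.id\n"
            + "   left outer join user d on a.deactivatedBy = d.id\n"
            + " where\n";

    /**
     * <p>Checks to see if an authorization is on file, and if not, adds it.</p>
     *
     * <p>Nothing happens unless context, object, method, qualifier and user id
     * are all non-blank. The lookup only matches rows with {@code active = 1},
     * so a deactivated record does not count as "on file" and a new row is
     * inserted with whatever active flag the given object carries; callers
     * must make sure that is intended. The check and the insert are separate
     * transactions, so concurrent calls can insert duplicates unless the
     * database enforces uniqueness (not visible from this class).</p>
     *
     * @param authorization the authorization to verify
     */
    public static void verifyAuthorization(Authorization authorization) {
        String context = authorization.getContext();
        String object = authorization.getObject();
        String method = authorization.getMethod();
        String qualifier = authorization.getQualifier();
        String userId = null;
        if (authorization.getUser() != null) {
            userId = authorization.getUser().getId();
        }
        if (isBlank(context) || isBlank(object) || isBlank(method)
                || isBlank(qualifier) || isBlank(userId)) {
            return;
        }
        Map ids = new HashMap();
        ids.put("context", context);
        ids.put("object", object);
        ids.put("method", method);
        ids.put("qualifier", qualifier);
        ids.put("userId", userId);
        if (getAuthorization(ids) == null) {
            insertAuthorization(authorization);
        }
    }

    /**
     * <p>Handles a get request for a single Authorization.</p>
     *
     * @param id the id of the requested record
     * @return the requested Authorization, or null if it does not exist or
     *         the lookup failed (the failure is logged)
     */
    public static Authorization getAuthorization(int id) {
        List params = new ArrayList();
        params.add(Integer.valueOf(id));
        List rows = fetchAuthorizations(AUTHORIZATION_SELECT + "   a.id = ?", params, true);
        return rows.isEmpty() ? null : (Authorization) rows.get(0);
    }

    /**
     * <p>Handles a get request for a single active Authorization.</p>
     *
     * <p>Filter values are bound as statement parameters, never spliced into
     * the SQL text. Values are compared as given (not trimmed); a null, empty
     * or "*" value means "do not filter on this column".</p>
     *
     * @param ids a Map containing the ids of the requested record, keyed by
     *            context, object, method, qualifier and userId
     * @return the first matching Authorization, or null if none matches or
     *         the lookup failed (the failure is logged)
     */
    public static Authorization getAuthorization(Map ids) {
        StringBuffer sql = new StringBuffer(AUTHORIZATION_SELECT);
        sql.append("   a.active = 1");
        List params = new ArrayList();
        appendFilters(sql, params, ids, false);
        List rows = fetchAuthorizations(sql.toString(), params, true);
        return rows.isEmpty() ? null : (Authorization) rows.get(0);
    }

    /**
     * <p>Handles an Authorization query.</p>
     *
     * <p>Filter values are trimmed and bound as statement parameters. A null,
     * blank or "*" value means "do not filter on this column". If reading
     * fails part-way, the error is logged and the rows read so far are
     * returned.</p>
     *
     * @param ids a Map of filter values keyed by context, object, method,
     *            qualifier and userId
     * @return the list of active Authorizations that match, ordered by
     *         context, object, method, qualifier and userId
     */
    public static List query(Map ids) {
        StringBuffer sql = new StringBuffer(AUTHORIZATION_SELECT);
        sql.append("   a.active = 1");
        List params = new ArrayList();
        appendFilters(sql, params, ids, true);
        sql.append("\n");
        sql.append(" order by\n");
        sql.append("   a.context,\n");
        sql.append("   a.object,\n");
        sql.append("   a.method,\n");
        sql.append("   a.qualifier,\n");
        sql.append("   a.userId");
        return fetchAuthorizations(sql.toString(), params, false);
    }

    /**
     * <p>Inserts a new Authorization into the database.</p>
     *
     * <p>The user, activatedBy and deactivatedBy people are added to the user
     * table first if they are not on file. The authorization must carry a
     * user; a missing user raises a NullPointerException rather than storing
     * a grant that belongs to nobody.</p>
     *
     * @param authorization the Authorization to add
     * @return the id of the new Authorization, or -1 if the insert failed
     */
    public static int insertAuthorization(Authorization authorization) {
        int id = -1;

        verifyReferencedPeople(authorization);
        Connection conn = null;
        String qs = null;
        PreparedStatement ps = null;
        Statement stmt = null;
        ResultSet rs = null;
        try {
            conn = dataSource.getConnection();
            conn.setAutoCommit(false);
            qs = "insert into authorization (active, context, object, method, qualifier, userId, activationDate, activatedBy, deactivationDate, deactivatedBy) values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
            ps = conn.prepareStatement(qs);
            bindAuthorizationColumns(ps, authorization);
            ps.execute();
            // Constant statement with no input; must run on the same connection as the insert.
            qs = "select @@IDENTITY";
            stmt = conn.createStatement();
            rs = stmt.executeQuery(qs);
            if (rs.next()) {
                id = rs.getInt(1);
            }
            conn.commit();
        } catch (SQLException e) {
            logSqlError(qs, e);
        } finally {
            // The identity statement and its result set were previously left open.
            closeQuietly(rs);
            closeQuietly(stmt);
            closeQuietly(ps);
            commitAndClose(conn);
        }

        return id;
    }

    /**
     * <p>Updates an existing Authorization.</p>
     *
     * @param authorization the Authorization to update; the row is selected
     *                      by its id
     * @return true if the update was successful
     */
    public static boolean updateAuthorization(Authorization authorization) {
        boolean success = false;

        verifyReferencedPeople(authorization);
        Connection conn = null;
        String qs = null;
        PreparedStatement ps = null;
        try {
            conn = dataSource.getConnection();
            conn.setAutoCommit(false);
            qs = "update authorization set active=?, context=?, object=?, method=?, qualifier=?, userId=?, activationDate=?, activatedBy=?, deactivationDate=?, deactivatedBy=? where id=?";
            ps = conn.prepareStatement(qs);
            bindAuthorizationColumns(ps, authorization);
            ps.setInt(11, authorization.getId());
            ps.execute();
            conn.commit();
            success = true;
        } catch (SQLException e) {
            logSqlError(qs, e);
        } finally {
            closeQuietly(ps);
            commitAndClose(conn);
        }

        return success;
    }

    /**
     * <p>Checks to see if user is on file, and if not, adds it.</p>
     *
     * <p>The lookup uses the id as given while the insert stores it in lower
     * case, so whether a mixed-case id is found again depends on how the
     * database compares strings (not visible from this class).</p>
     *
     * @param user the user to verify
     */
    public static void verifyPerson(Person user) {
        if (getUser(user.getId()) == null) {
            insertPerson(user);
        }
    }

    /**
     * <p>Handles a get request for a single Person.</p>
     *
     * <p>The id is bound as a statement parameter; it used to be concatenated
     * into the SQL text, which let a crafted id change the query.</p>
     *
     * @param id the id of the requested record
     * @return the requested Person, or null if it does not exist or the
     *         lookup failed (the failure is logged)
     */
    public static Person getUser(String id) {
        Person user = null;

        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        String qs = "select * from user where id=?";
        try {
            conn = dataSource.getConnection();
            conn.setAutoCommit(false);
            ps = conn.prepareStatement(qs);
            ps.setString(1, id);
            rs = ps.executeQuery();
            if (rs.next()) {
                Person found = new Person();
                found.setId(toLowerCase(rs.getString("id")));
                found.setName(rs.getString("name"));
                found.setUri(rs.getString("uri"));
                user = found;
            }
        } catch (SQLException e) {
            logSqlError(qs, e);
        } finally {
            closeQuietly(rs);
            closeQuietly(ps);
            commitAndClose(conn);
        }

        return user;
    }

    /**
     * <p>Inserts a new Person into the database.</p>
     *
     * @param user the Person to add; the id is stored in lower case
     * @return true if the insert was successful
     */
    public static boolean insertPerson(Person user) {
        boolean success = false;

        Connection conn = null;
        String qs = null;
        PreparedStatement ps = null;
        try {
            conn = dataSource.getConnection();
            conn.setAutoCommit(false);
            qs = "insert into user (id, name, uri) values(?, ?, ?)";
            ps = conn.prepareStatement(qs);
            ps.setString(1, toLowerCase(user.getId()));
            ps.setString(2, user.getName());
            ps.setString(3, user.getUri());
            ps.execute();
            conn.commit();
            success = true;
        } catch (SQLException e) {
            logSqlError(qs, e);
        } finally {
            closeQuietly(ps);
            commitAndClose(conn);
        }

        return success;
    }

    /**
     * Appends one "and a.column = ?" clause per usable filter value and
     * records the value for binding, in the same order.
     *
     * @param sql    the statement text being built
     * @param params receives the values to bind, in placeholder order
     * @param ids    filter values keyed by column name
     * @param trim   whether values are trimmed before they are tested and used
     */
    private static void appendFilters(StringBuffer sql, List params, Map ids, boolean trim) {
        for (int i = 0; i < FILTER_COLUMNS.length; i++) {
            String column = FILTER_COLUMNS[i];
            String value = (String) ids.get(column);
            if (value != null && trim) {
                value = value.trim();
            }
            if (value == null || value.length() == 0 || "*".equals(value)) {
                continue;
            }
            sql.append(" and\n");
            sql.append("   a.").append(column).append(" = ?");
            params.add(value);
        }
    }

    /**
     * Runs an authorization select and maps the rows.
     *
     * @param qs        the statement text, with one placeholder per parameter
     * @param params    Integer or String values to bind, in placeholder order
     * @param firstOnly whether to stop after the first row
     * @return the rows read; on an SQL error the error is logged and the rows
     *         read so far are returned
     */
    private static List fetchAuthorizations(String qs, List params, boolean firstOnly) {
        List list = new ArrayList();

        Connection conn = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            conn = dataSource.getConnection();
            conn.setAutoCommit(false);
            ps = conn.prepareStatement(qs);
            for (int i = 0; i < params.size(); i++) {
                Object param = params.get(i);
                if (param instanceof Integer) {
                    ps.setInt(i + 1, ((Integer) param).intValue());
                } else {
                    ps.setString(i + 1, (String) param);
                }
            }
            rs = ps.executeQuery();
            while (rs.next()) {
                // A row is added only once it has been read completely, so a
                // failure never hands a half-populated grant to the caller.
                list.add(readAuthorization(rs));
                if (firstOnly) {
                    break;
                }
            }
        } catch (SQLException e) {
            logSqlError(qs, e);
        } finally {
            closeQuietly(rs);
            closeQuietly(ps);
            commitAndClose(conn);
        }

        return list;
    }

    /** Maps the current row of an authorization select to an Authorization. */
    private static Authorization readAuthorization(ResultSet rs) throws SQLException {
        Authorization authorization = new Authorization();
        authorization.setId(rs.getInt("id"));
        authorization.setActive(rs.getInt("active") == 1);
        authorization.setContext(rs.getString("context"));
        authorization.setQualifier(rs.getString("qualifier"));
        authorization.setObject(rs.getString("object"));
        authorization.setMethod(rs.getString("method"));
        Timestamp activationDate = rs.getTimestamp("activationDate");
        if (activationDate != null) {
            authorization.setActivationDate(new Date(activationDate.getTime()));
        }
        Timestamp deactivationDate = rs.getTimestamp("deactivationDate");
        if (deactivationDate != null) {
            authorization.setDeactivationDate(new Date(deactivationDate.getTime()));
        }
        Person user = new Person();
        user.setId(toLowerCase(rs.getString("userId")));
        user.setName(rs.getString("userName"));
        user.setUri(rs.getString("userUri"));
        authorization.setUser(user);
        Person activatedBy = readOptionalPerson(rs, "activatedBy");
        if (activatedBy != null) {
            authorization.setActivatedBy(activatedBy);
        }
        Person deactivatedBy = readOptionalPerson(rs, "deactivatedBy");
        if (deactivatedBy != null) {
            authorization.setDeactivatedBy(deactivatedBy);
        }
        return authorization;
    }

    /**
     * Reads the person whose id is in idColumn and whose name and uri are in
     * idColumn + "Name" and idColumn + "Uri".
     *
     * @return the person, or null when the id column is null or blank
     */
    private static Person readOptionalPerson(ResultSet rs, String idColumn) throws SQLException {
        String id = rs.getString(idColumn);
        if (id == null || id.trim().length() == 0) {
            return null;
        }
        Person person = new Person();
        person.setId(id);
        person.setName(rs.getString(idColumn + "Name"));
        person.setUri(rs.getString(idColumn + "Uri"));
        return person;
    }

    /** Adds the people an authorization refers to if they are not on file. */
    private static void verifyReferencedPeople(Authorization authorization) {
        if (authorization.getUser() != null) {
            verifyPerson(authorization.getUser());
        }
        if (authorization.getActivatedBy() != null) {
            verifyPerson(authorization.getActivatedBy());
        }
        if (authorization.getDeactivatedBy() != null) {
            verifyPerson(authorization.getDeactivatedBy());
        }
    }

    /** Binds parameters 1 to 10, the columns shared by the insert and the update. */
    private static void bindAuthorizationColumns(PreparedStatement ps, Authorization authorization)
            throws SQLException {
        ps.setInt(1, authorization.isActive() ? 1 : 0);
        ps.setString(2, authorization.getContext());
        ps.setString(3, authorization.getObject());
        ps.setString(4, authorization.getMethod());
        ps.setString(5, authorization.getQualifier());
        ps.setString(6, toLowerCase(authorization.getUser().getId()));
        ps.setTimestamp(7, toTimestamp(authorization.getActivationDate()));
        ps.setString(8, idOf(authorization.getActivatedBy()));
        ps.setTimestamp(9, toTimestamp(authorization.getDeactivationDate()));
        ps.setString(10, idOf(authorization.getDeactivatedBy()));
    }

    private static Timestamp toTimestamp(Date date) {
        return date != null ? new Timestamp(date.getTime()) : null;
    }

    private static String idOf(Person person) {
        return person != null ? person.getId() : null;
    }

    private static boolean isBlank(String value) {
        return value == null || "".equals(value.trim());
    }

    /**
     * Logs a failed statement. Statements are parameterized, so the logged
     * text holds placeholders rather than the values that were bound.
     */
    private static void logSqlError(String qs, SQLException e) {
        log.error("SQL: " + qs);
        logSqlError(e);
    }

    private static void logSqlError(SQLException e) {
        log.error("SQL error: " + e.toString() + "; " + e.getMessage(), e);
    }

    private static void closeQuietly(ResultSet rs) {
        if (rs != null) {
            try {
                rs.close();
            } catch (SQLException sqle) {
                logSqlError(sqle);
            }
        }
    }

    private static void closeQuietly(Statement stmt) {
        if (stmt != null) {
            try {
                stmt.close();
            } catch (SQLException sqle) {
                logSqlError(sqle);
            }
        }
    }

    /**
     * Commits and closes the connection, logging any failure. This also runs
     * after a failed statement, as it always has, so work done before the
     * failure is committed rather than rolled back.
     */
    private static void commitAndClose(Connection conn) {
        if (conn != null) {
            try {
                conn.commit();
                conn.close();
            } catch (SQLException sqle) {
                logSqlError(sqle);
            }
        }
    }

    /**
     * <p>This method is used to convert a string to lower case.</p>
     *
     * @param string the string to convert
     * @return the converted string, or null for a null or empty string
     */
    private static String toLowerCase(String string) {
        // A fixed locale keeps user ids stable whatever the JVM default is;
        // under a Turkish default locale "I" would otherwise fold to a dotless i.
        return string != null && !string.equals("") ? string.toLowerCase(Locale.ENGLISH) : null;
    }

    /**
     * <p>This method is used to look up the <code>DataSource</code>
     * by name.</p>
     *
     * @return the Authorization <code>DataSource</code>, or null if the
     *         lookup failed (the failure is logged)
     */
    private static DataSource getDataSource() {
        DataSource thisDataSource = null;
        String dataSourceName = "java:comp/env/jdbc/authorization";
        try {
            Context ctx = new InitialContext(new Hashtable());
            thisDataSource = (DataSource) ctx.lookup(dataSourceName);
        } catch (Throwable t) {
            log.error("Exception obtaining DataSource (\"" + dataSourceName + "\"): " + t.toString(), t);
        }
        return thisDataSource;
    }
}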