From 1d8237e4961e8653727f1210061b832ac82dda88 Mon Sep 17 00:00:00 2001
From: Erik Brakkee
Date: Fri, 30 Apr 2010 18:21:26 +0000
Subject: [PATCH] hibernate->JPA for authorization rules. correction to DatabaseUtils for deletion order of db tables.
---
 .../authorization/AuthorizationRule.java | 37 +++++++++++++++++--
 .../authorization/UrlAuthorizationRule.java | 24 +++++++++++-
 .../authorization/TestAuthorizationRule.java | 7 ++++
 .../test/resources/META-INF/persistence.xml | 3 ++
 .../support/persistence/DatabaseUtils.java | 32 ++++++++--------
 5 files changed, 83 insertions(+), 20 deletions(-)
diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationRule.java b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationRule.java
index d968c836..4e0f5641 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationRule.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationRule.java
@@ -15,6 +15,16 @@
 */
 package org.wamblee.security.authorization;
+import javax.persistence.DiscriminatorColumn;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Inheritance;
+import javax.persistence.InheritanceType;
+import javax.persistence.Table;
+import javax.persistence.Version;
+
 import org.wamblee.persistence.Persistent;
 import org.wamblee.usermgt.User;
@@ -25,14 +35,35 @@ import org.wamblee.usermgt.User;
 *
 * @author Erik Brakkee
 */
-public interface AuthorizationRule extends Persistent {
+@Entity
+@Table(name = "SEC_AUTH_RULE")
+@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
+@DiscriminatorColumn(name = "TYPE")
+public abstract class AuthorizationRule {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.AUTO)
+ private Long primaryKey;
+
+ @Version
+ private int version;
+
+ public AuthorizationRule() {
+ // Empty
+ }
+
+ public AuthorizationRule(AuthorizationRule aRule) {
+ primaryKey = aRule.primaryKey;
+ version = aRule.version;
+ }
+
 /**
 * Returns the supported object types for which this authorization rule
 * applies. This can be used by the authorization service for optimization.
 *
 * @return Array of supported types.
 */
- Class[] getSupportedTypes();
+ public abstract Class[] getSupportedTypes();
 /**
 * Determines whether an operation is allowed on a certain resource. The
@@ -49,6 +80,6 @@ public interface AuthorizationRule extends Persistent {
 *
 * @return Authorization result.
 */
- AuthorizationResult isAllowed(Object aResource, Operation aOperation,
+ public abstract AuthorizationResult isAllowed(Object aResource, Operation aOperation,
 User aUser);
 }
diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java b/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
index 71fcac78..0ae744c4 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
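Review bot: The copy constructor `AuthorizationRule(AuthorizationRule aRule)` copies `primaryKey` and `version`, so a copy carries the same persistent identity as the original, and nothing in the hunk documents that. If a caller copies a rule to derive a variant and then merges it, the existing row in `SEC_AUTH_RULE` would presumably be updated instead of a new rule being inserted, which for authorization data changes an access decision without an obvious trace in the code. I would add Javadoc to both constructors, e.g. `/** Copies the rule including primary key and version; the copy represents the same database row. */`, and state whether a null `aRule` is accepted. The context import of `org.wamblee.persistence.Persistent` in the preceding hunk also looks unused now that `extends Persistent` is gone; the class body continues outside the hunk.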
@@ -15,6 +15,16 @@
 */
 package org.wamblee.security.authorization;
+import javax.persistence.Access;
+import javax.persistence.AccessType;
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.DiscriminatorValue;
+import javax.persistence.Entity;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.Transient;
+
 import org.apache.log4j.Logger;
 import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
@@ -44,8 +54,9 @@ import org.wamblee.usermgt.User;
 * the specified type, the result is UNSUPPORTED_RESOURCE, otherwise, the result
 * is UNDECIDED.
 */
-public abstract class UrlAuthorizationRule extends AbstractPersistent implements
- AuthorizationRule {
+@Entity
+@Access(AccessType.PROPERTY)
+public abstract class UrlAuthorizationRule extends AuthorizationRule {
 private static final Logger LOGGER = Logger
 .getLogger(UrlAuthorizationRule.class);
@@ -134,6 +145,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 * @see
 * org.wamblee.security.authorization.AuthorizationRule#getSupportedTypes()
 */
+ @Transient
 public Class[] getSupportedTypes() {
 return new Class[] { resourceClass };
 }
@@ -213,6 +225,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 *
 * @return Result.
 */
+ @Column(name = "AUTH_RESULT", nullable = false)
 protected String getAuthorizationResultString() {
 if (result == null) {
 return null;
@@ -231,6 +244,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 result = AuthorizationResult.valueOf(aResult);
 }
+ @Column(name = "RES_CLASSNAME", nullable = false)
 protected String getResourceClassName() {
 if (resourceClass == null) {
 return "";
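Review bot: `@Access(AccessType.PROPERTY)` on `UrlAuthorizationRule` makes every getter that is not marked `@Transient` a persistent property, while the parent `AuthorizationRule` maps `@Id` and `@Version` on fields. The visible hunks annotate five getters and mark `getSupportedTypes()` as `@Transient`, but most of the class body is outside the hunks, so any other `getX()`/`isX()` accessor there would be mapped as a column as well. I would add a class-level comment such as `// Property access: every getter is persisted unless marked @Transient, and each needs a matching setter.` and check the remaining accessors against it.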
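Review bot: `getAuthorizationResultString()` still returns `null` when `result` is null, yet the new mapping declares `AUTH_RESULT` with `nullable = false`, so a rule without a result is only rejected by the database at flush time. For authorization data I would fail earlier and explicitly, by rejecting a null result where it is set, and document on the getter that a null result cannot be persisted. The setter visible as context in the next hunk calls `AuthorizationResult.valueOf(aResult)`, which throws on an unexpected stored value; that fails closed, which is the right direction, and deserves a one-line comment saying so. The method body continues outside the hunk.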
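Review bot: `getResourceClassName()` returns `""` when `resourceClass` is null, which satisfies `nullable = false` on `RES_CLASSNAME` on most databases but not on Oracle, where an empty string is stored as NULL. An empty class name is also not a usable rule once it is read back, whatever the setter outside this hunk does with it. I would treat a null `resourceClass` as an invalid state for a persistent rule rather than writing a placeholder, and say so in the getter's Javadoc, which is currently missing.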
@@ -253,6 +267,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 *
 * @return Returns the operationCondition.
 */
+ @ManyToOne(cascade = CascadeType.ALL)
+ @JoinColumn(name = "OPER_COND_PK")
 public OperationCondition getOperationCondition() {
 return operationCondition;
 }
@@ -270,6 +286,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 *
 * @return Returns the pathCondition.
 */
+ @ManyToOne(cascade = CascadeType.ALL)
+ @JoinColumn(name = "PATH_COND_PK")
 public PathCondition getPathCondition() {
 return pathCondition;
 }
@@ -287,6 +305,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
 *
 * @return Returns the userCondition.
 */
+ @ManyToOne(cascade = CascadeType.ALL)
+ @JoinColumn(name = "USER_COND_PK")
 public UserCondition getUserCondition() {
 return userCondition;
 }
diff --git a/security/impl/src/test/java/org/wamblee/security/authorization/TestAuthorizationRule.java b/security/impl/src/test/java/org/wamblee/security/authorization/TestAuthorizationRule.java
index 9d6000b9..26cb4738 100644
--- a/security/impl/src/test/java/org/wamblee/security/authorization/TestAuthorizationRule.java
+++ b/security/impl/src/test/java/org/wamblee/security/authorization/TestAuthorizationRule.java
@@ -18,6 +18,10 @@ package org.wamblee.security.authorization;
 import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
 import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
+import javax.persistence.DiscriminatorValue;
+import javax.persistence.Entity;
+import javax.persistence.Transient;
+
 import org.wamblee.usermgt.User;
 /**
@@ -26,10 +30,13 @@ import org.wamblee.usermgt.User;
 *
 * @author Erik Brakkee
 */
+@Entity
+@DiscriminatorValue("TEST")
 public class TestAuthorizationRule extends UrlAuthorizationRule {
 /**
 * Counts the number of matches.
 */
+ @Transient
 private int matches = 0;
 /**
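Review bot: `@ManyToOne(cascade = CascadeType.ALL)` on `getOperationCondition()` includes `REMOVE`, so deleting one rule also deletes the condition it points to, while a many-to-one mapping says several rules may reference that same condition row. The same mapping is repeated on `getPathCondition()` and `getUserCondition()` in the next two hunks. If each condition belongs to exactly one rule, `@OneToOne(cascade = CascadeType.ALL)` states that; if conditions can be shared, limit it to `cascade = {CascadeType.PERSIST, CascadeType.MERGE}` so that removing one rule cannot break or strip the conditions of another. A short comment on the ownership model would help either way, since these rows decide access.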
diff --git a/security/jpatest/src/test/resources/META-INF/persistence.xml b/security/jpatest/src/test/resources/META-INF/persistence.xml index f2d8ca1f..ef796a49 100644 --- a/security/jpatest/src/test/resources/META-INF/persistence.xml +++ b/security/jpatest/src/test/resources/META-INF/persistence.xml @@ -16,6 +16,9 @@ org.wamblee.security.authorization.PathCondition org.wamblee.security.authorization.RegexpPathCondition org.wamblee.security.authorization.StartsWithPathCondition + org.wamblee.security.authorization.AuthorizationRule + org.wamblee.security.authorization.UrlAuthorizationRule + org.wamblee.security.authorization.TestAuthorizationRule true diff --git a/test/enterprise/src/main/java/org/wamblee/support/persistence/DatabaseUtils.java b/test/enterprise/src/main/java/org/wamblee/support/persistence/DatabaseUtils.java index 1b300433..311d2da3 100644 --- a/test/enterprise/src/main/java/org/wamblee/support/persistence/DatabaseUtils.java +++ b/test/enterprise/src/main/java/org/wamblee/support/persistence/DatabaseUtils.java @@ -96,9 +96,6 @@ public class DatabaseUtils { return null; } }); - for (String table : tables) { - - } } public void cleanDatabase(ITableFilterSimple aSelection) throws Exception { 
@@ -190,25 +187,30 @@ public class DatabaseUtils {
 public void emptyTable(String aTable) throws Exception {
 executeSql("delete from " + aTable);
 }
-
- public void dropTables() throws Exception {
- executeOnTables(tables, new TableSetOperation() {
-
- public void execute(String aTable) throws Exception {
- dropTable(aTable);
- }
- });
+
+ public void dropTables() throws Exception {
+ dropTables(tables);
 }
 public void dropTables(ITableFilterSimple aTables) throws Exception {
- executeOnTables(aTables, new TableSetOperation() {
+ final String[] tables = getTableNames(aTables);
+ String[] sortedTables = executeInTransaction(new JdbcUnitOfWork() {
- public void execute(String aTable) throws Exception {
- dropTable(aTable);
+ public String[] execute(Connection aConnection) throws Exception {
+ IDatabaseConnection connection = new DatabaseConnection(
+ aConnection);
+ ITableFilter filter = new DatabaseSequenceFilter(connection,
+ tables);
+ IDataSet dataset = new FilteredDataSet(filter, connection
+ .createDataSet(tables));
+ return dataset.getTableNames();
 }
 });
+ for (int i = sortedTables.length-1; i >= 0; i--) {
+ dropTable(sortedTables[i]);
+ }
 }
-
+
 /**
 * @return
 * @throws SQLException
--
2.31.1
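Review bot: The new local `final String[] tables` in `dropTables(ITableFilterSimple)` shadows the `tables` member that the no-argument `dropTables()` just above passes in, so the same name is a table filter in one method and a name array in the next. Renaming it, e.g. `final String[] tableNames = getTableNames(aTables);`, and using `tableNames` in the `DatabaseSequenceFilter` and `createDataSet` calls removes the ambiguity. The method also has no Javadoc; I would state that tables are dropped in reverse foreign-key order and that the order is computed in a transaction separate from the drops. Since `emptyTable` (context line) concatenates the table name into SQL, and `dropTable` presumably does the same, it is worth documenting that these helpers must only receive names taken from database metadata.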