/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.jdbc;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.sql.ResultSet;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.cache.Cache;
import org.apache.commons.cache.CacheStat;
import org.apache.commons.cache.EvictionPolicy;
import org.apache.commons.cache.GroupMap;
import org.apache.commons.cache.MemoryStash;
import org.apache.commons.cache.SimpleCache;
import org.apache.commons.cache.Stash;
import org.apache.commons.cache.StashPolicy;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.sslexplorer.boot.ContextHolder;
import com.sslexplorer.boot.PropertyList;
import com.sslexplorer.boot.Util;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreListener;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.policyframework.AbstractPolicyDatabase;
import com.sslexplorer.policyframework.DefaultPolicy;
import com.sslexplorer.policyframework.DefaultResourcePermission;
import com.sslexplorer.policyframework.Permission;
import com.sslexplorer.policyframework.Policy;
import com.sslexplorer.policyframework.PolicyConstants;
import com.sslexplorer.policyframework.Principal;
import com.sslexplorer.policyframework.Resource;
import com.sslexplorer.policyframework.ResourcePermission;
import com.sslexplorer.policyframework.ResourceType;
import com.sslexplorer.policyframework.ResourceTypeResourcePermission;
import com.sslexplorer.security.Role;
import com.sslexplorer.security.User;
/**
* Concrete implementation of a
* {@link com.sslexplorer.policyframework.PolicyDatabase} that stores policy
* information in a JDBC compliant database.
*
* @author Brett Smith <a href="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
*/
public class JDBCPolicyDatabase extends AbstractPolicyDatabase {
// Commons-logging logger for this class.
final static Log log = LogFactory.getLog(JDBCPolicyDatabase.class);
// Engine that hands out the named prepared statements used by the methods below.
private JDBCDatabaseEngine db;
// Cache time-to-live, read once at class initialisation from the
// sslexplorer.jdbcPolicyDatabase.cacheTTL system property (default "180000";
// presumably milliseconds -- confirm where the cache is built, which is
// outside this excerpt). new Long(String) throws NumberFormatException on a
// non-numeric value, which would make class initialisation fail.
// NOTE(review): grant decisions are cached (see isPolicyGrantedToPrincipal), so
// this value presumably bounds how long a stale decision can be served.
final static Long CACHE_TTL = new Long(System.getProperty(
"sslexplorer.jdbcPolicyDatabase.cacheTTL", "180000"));
// Upper bound on cached objects, from the
// sslexplorer.jdbcPolicyDatabase.cacheMaxObjs system property (default "2000").
// As with CACHE_TTL, a non-numeric value fails class initialisation.
final static Integer CACHE_MAXOBJS = new Integer(System.getProperty(
"sslexplorer.jdbcPolicyDatabase.cacheMaxObjs", "2000"));
// Constant zero; its use is outside this excerpt.
final static Long CACHE_COST = new Long(0);
// Caches
// Holds single policies, the policy list and per-principal grant decisions.
// Every mutating method visible here clears it in full.
private Cache policyCache;
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getPolicy(int)
*/
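/**
 * Looks up one policy by id, trying the policy cache before the database.
 *
 * <p>A row found in the database is cached under {@code "policy-" + id}.
 * A miss is not cached, so every lookup of an unknown id reaches the database.
 *
 * @param id policy id, bound as a parameter of {@code getPolicy.selectById}
 * @return the policy, or {@code null} when no row matches; callers must
 *         handle the {@code null} case
 * @throws Exception on any statement or result-set failure
 */
public Policy getPolicy(int id) throws Exception {
    String cacheKey = "policy-" + id;
    Policy pol = (Policy) policyCache.retrieve(cacheKey);
    if (pol != null) {
        return pol;
    }
    JDBCPreparedStatement ps = db.getStatement("getPolicy.selectById");
    try {
        // Bind inside the try so a failed bind still releases the statement.
        ps.setInt(1, id);
        ResultSet rs = ps.executeQuery();
        try {
            if (rs.next()) {
                pol = buildPolicy(rs);
            }
        } finally {
            // Close the result set explicitly, as isPolicyGrantedToPrincipal does.
            rs.close();
        }
    } finally {
        ps.releasePreparedStatement();
    }
    if (pol != null) {
        storeToCache(cacheKey, (Serializable) pol);
    }
    return pol;
}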
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getPolicies()
*/
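/**
 * Returns every policy, trying the policy cache before the database.
 *
 * <p>The list is cached under the key {@code "policies"}, including when it
 * is empty.
 *
 * <p>NOTE(review): the list handed to the cache is the same instance that is
 * returned. Whether the cache stores a copy is not visible here, so callers
 * should treat the result as read-only.
 *
 * @return list of {@link Policy} objects built from
 *         {@code getPolicies.select}; never {@code null}
 * @throws Exception on any statement or result-set failure
 */
public List getPolicies() throws Exception {
    String cacheKey = "policies";
    List l = (List) policyCache.retrieve(cacheKey);
    if (l != null) {
        return l;
    }
    l = new ArrayList();
    JDBCPreparedStatement ps = db.getStatement("getPolicies.select");
    try {
        ResultSet rs = ps.executeQuery();
        try {
            while (rs.next()) {
                l.add(buildPolicy(rs));
            }
        } finally {
            // Close the result set explicitly, as isPolicyGrantedToPrincipal does.
            rs.close();
        }
    } finally {
        ps.releasePreparedStatement();
    }
    storeToCache(cacheKey, (Serializable) l);
    return l;
}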
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#createPolicy(java.lang.String,
* int, int)
*/
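/**
 * Inserts a new policy and its child-policy links inside one transaction.
 *
 * <p>All values are bound as statement parameters. The SQL text itself sits
 * behind the {@code createPolicy.insert} key and is not visible here.
 * The same timestamp is written to parameters 5 and 6 and passed twice to
 * the returned {@link DefaultPolicy}.
 *
 * @param name policy name
 * @param description policy description
 * @param type policy type
 * @param childPolicies ids of child policies, passed to
 *        {@code updateChildPolicies}. NOTE(review): nothing here validates
 *        these ids; isPolicyGrantedToPrincipal follows child links
 *        recursively, so confirm that cycles are rejected elsewhere.
 * @param parentResourcePermission parent resource permission id
 * @return the newly created policy carrying the generated id
 * @throws Exception on any failure; the transaction is rolled back first
 */
public Policy createPolicy(String name, String description, int type,
        int[] childPolicies, int parentResourcePermission) throws Exception {
    policyCache.clear();
    JDBCPreparedStatement ps = db.getStatement("createPolicy.insert");
    ps.startTransaction();
    try {
        try {
            // Binding happens inside the try blocks so that a failed bind
            // still releases the statement, rolls back and ends the transaction.
            ps.setInt(1, type);
            ps.setString(2, name);
            ps.setString(3, description);
            ps.setInt(4, parentResourcePermission);
            Calendar c = Calendar.getInstance();
            String stamp = db.formatTimestamp(c);
            ps.setString(5, stamp);
            ps.setString(6, stamp);
            ps.execute();
            int id = db.getLastInsertId(ps, "createPolicy.lastInsertId");
            updateChildPolicies(ps, childPolicies, id);
            ps.commit();
            // Invalidate again after the commit: a lookup running during the
            // write could have re-cached pre-insert data.
            policyCache.clear();
            return new DefaultPolicy(id, name, description, type,
                    childPolicies, parentResourcePermission, c, c);
        } finally {
            ps.releasePreparedStatement();
        }
    } catch (Exception e) {
        ps.rollback();
        throw e;
    } finally {
        ps.endTransaction();
    }
}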
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#updatePolicy(com.sslexplorer.policyframework.Policy)
*/
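/**
 * Writes the policy's current field values to its database row and
 * replaces its child-policy links.
 *
 * <p>NOTE(review): unlike createPolicy, this method opens no transaction, so
 * the row update and the child-policy update are not atomic as written.
 * NOTE(review): nothing here checks that {@code policy.getChildPolicies()}
 * excludes the policy's own id or an ancestor. isPolicyGrantedToPrincipal
 * recurses through child links without tracking visited policies.
 *
 * @param policy policy to persist; its amended date is set on success
 * @throws Exception if the policy does not exist or a statement fails
 */
public void updatePolicy(Policy policy) throws Exception {
    Policy oldPolicy = getPolicy(policy.getResourceId());
    if (oldPolicy == null) {
        throw new Exception("Cannot update a policy that doesnt exist");
    }
    policyCache.clear();
    try {
        JDBCPreparedStatement ps = db.getStatement("updatePolicy.update");
        try {
            // Bind inside the try so a failed bind still releases the statement.
            ps.setInt(1, policy.getType());
            ps.setString(2, policy.getResourceName());
            ps.setString(3, policy.getResourceDescription());
            ps.setInt(4, policy.getParentResourcePermission());
            Calendar c = Calendar.getInstance();
            ps.setString(5, db.formatTimestamp(c));
            ps.setInt(6, policy.getResourceId());
            ps.execute();
            updateChildPolicies(ps, policy.getChildPolicies(), policy
                    .getResourceId());
            policy.setDateAmended(c);
        } finally {
            ps.releasePreparedStatement();
        }
    } finally {
        // Invalidate again after the write. The clear above runs before the
        // update, so a concurrent lookup could re-cache the old child links
        // or grant decisions in between.
        policyCache.clear();
    }
}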
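/**
 * Deletes a policy row and then its two sets of relationship rows.
 *
 * <p>Each of the three statements is released as soon as it has run. The
 * previous code reassigned one variable and released only the last
 * statement obtained.
 *
 * <p>NOTE(review): the three deletes are not wrapped in a transaction. A
 * failure after the first leaves relationship rows that refer to a policy
 * id that no longer exists.
 * NOTE(review): unlike grantPolicyToPrincipal and revokePolicyFromPrincipal,
 * nothing here refuses {@code PolicyConstants.EVERYONE_POLICY_ID}; confirm
 * that callers do.
 *
 * @param id id of the policy to delete
 * @return the policy as it was before deletion
 * @throws Exception if the policy does not exist or a statement fails
 */
public Policy deletePolicy(int id) throws Exception {
    Policy oldPolicy = getPolicy(id);
    if (oldPolicy == null) {
        throw new Exception("Cannot delete a policy that doesnt exist");
    }
    policyCache.clear();
    // Same order as before: the policy row first, then both relationship sets.
    String[] statementKeys = {
        "deletePolicy.delete",
        "deletePolicy.relationships1",
        "deletePolicy.relationships2"
    };
    try {
        for (int i = 0; i < statementKeys.length; i++) {
            JDBCPreparedStatement ps = db.getStatement(statementKeys[i]);
            try {
                ps.setInt(1, id);
                ps.execute();
            } finally {
                ps.releasePreparedStatement();
            }
        }
    } finally {
        // Invalidate again after the deletes so that a grant decision
        // re-cached during the write does not outlive the policy.
        policyCache.clear();
    }
    return oldPolicy;
}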
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#isPolicyGrantedToPrincipal(com.sslexplorer.policyframework.Policy,
* com.sslexplorer.permissions.Principal)
*/
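/**
 * Decides whether a policy is granted to a principal, either directly or
 * through one of the policy's child policies.
 *
 * <p>Order of evaluation: a {@code null} principal is denied; the Everyone
 * policy is granted to every non-null principal; otherwise the cached
 * decision is used if there is one; otherwise the database is queried and
 * child policies are searched recursively. Both positive and negative
 * results are cached.
 *
 * <p>NOTE(review): the cache key and the query use only the principal name,
 * while grantPolicyToPrincipal also stores a user/group type. If the SQL
 * behind {@code isPolicyGrantedToPrincipal.select} does not filter on type,
 * a user and a group with the same name cannot be told apart here.
 * NOTE(review): the recursion tracks no visited policies, so a cycle in the
 * child-policy links would recurse until the stack overflows. Confirm that
 * cycles are rejected when links are written.
 *
 * @param policy policy to test; must not be {@code null}
 * @param principal user or group to test; {@code null} is denied
 * @return {@code true} when the policy or one of its descendants is granted
 * @throws Exception on any statement or result-set failure
 */
public boolean isPolicyGrantedToPrincipal(Policy policy, Principal principal)
        throws Exception {
    if (principal == null) {
        if (log.isInfoEnabled())
            log.info("NULL principal found!");
        return false;
    }
    if (policy.getResourceId() == PolicyConstants.EVERYONE_POLICY_ID) {
        return true;
    }
    String cacheKey = "policyGrantedToPrincipal-" + policy.getResourceId()
            + "-" + principal.getPrincipalName();
    Boolean val = (Boolean) policyCache.retrieve(cacheKey);
    if (val != null) {
        return val.booleanValue();
    }
    boolean found = false;
    JDBCPreparedStatement ps = db
            .getStatement("isPolicyGrantedToPrincipal.select");
    try {
        // Bind inside the try so a failed bind still releases the statement.
        ps.setInt(1, policy.getResourceId());
        ps.setString(2, principal.getPrincipalName());
        ResultSet rs = ps.executeQuery();
        try {
            found = rs.next();
        } finally {
            rs.close();
        }
    } finally {
        ps.releasePreparedStatement();
    }
    if (!found) {
        // Try all child policies
        int[] r = getChildPolicies(policy.getResourceId());
        for (int i = 0; i < r.length && !found; i++) {
            Policy p = getPolicy(r[i]);
            // getPolicy returns null for an id with no row, for example a
            // dangling child link. Treat that as "not granted" instead of
            // failing the whole check with a NullPointerException.
            if (p != null && isPolicyGrantedToPrincipal(p, principal)) {
                found = true;
            }
        }
    }
    storeToCache(cacheKey, Boolean.valueOf(found));
    return found;
}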
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#grantPolicyToPrincipal(com.sslexplorer.policyframework.Policy,
* com.sslexplorer.permissions.Principal)
*/
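/**
 * Records that a policy is granted to a user or group.
 *
 * <p>The principal is stored by name together with a type flag:
 * {@code Policy.PRINCIPAL_USER} when it is a {@link User}, otherwise
 * {@code Policy.PRINCIPAL_GROUP}.
 *
 * @param policy policy to grant; the Everyone policy is refused
 * @param principal user or group receiving the policy
 * @throws Exception if the policy is the Everyone policy or the insert fails
 */
public void grantPolicyToPrincipal(Policy policy, Principal principal)
        throws Exception {
    if (policy.getResourceId() == PolicyConstants.EVERYONE_POLICY_ID) {
        throw new Exception(
                "Cannot grant special Everyone policy to any principal, it is granted by default.");
    }
    policyCache.clear();
    try {
        JDBCPreparedStatement ps = db
                .getStatement("grantPolicyToPrincipal.insert");
        try {
            // Bind inside the try so a failed bind still releases the statement.
            ps.setInt(1, policy.getResourceId());
            ps.setString(2, principal.getPrincipalName());
            ps.setInt(3, (principal instanceof User) ? Policy.PRINCIPAL_USER
                    : Policy.PRINCIPAL_GROUP);
            ps.execute();
        } finally {
            ps.releasePreparedStatement();
        }
    } finally {
        // Invalidate again after the write so that a decision cached during
        // the insert does not persist.
        policyCache.clear();
    }
}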
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#revokePolicyFromPrincipal(com.sslexplorer.policyframework.Policy,
* com.sslexplorer.permissions.Principal)
*/
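/**
 * Removes a policy grant from a user or group.
 *
 * <p>NOTE(review): the delete binds only the policy id and the principal
 * name, whereas grantPolicyToPrincipal also stores a user/group type. If
 * the SQL behind {@code revokePolicyFromPrincipal.delete} does not filter on
 * type, revoking from a user also removes the grant of a group with the
 * same name, and the reverse.
 *
 * @param policy policy to revoke; the Everyone policy is refused
 * @param principal user or group losing the policy
 * @throws Exception if the policy is the Everyone policy or the delete fails
 */
public void revokePolicyFromPrincipal(Policy policy, Principal principal)
        throws Exception {
    if (policy.getResourceId() == PolicyConstants.EVERYONE_POLICY_ID) {
        throw new Exception(
                "Cannot revoke special Everyone policy from any principal.");
    }
    policyCache.clear();
    try {
        JDBCPreparedStatement ps = db
                .getStatement("revokePolicyFromPrincipal.delete");
        try {
            // Bind inside the try so a failed bind still releases the statement.
            ps.setInt(1, policy.getResourceId());
            ps.setString(2, principal.getPrincipalName());
            ps.execute();
        } finally {
            ps.releasePreparedStatement();
        }
    } finally {
        // Invalidate again after the delete. The clear above runs before the
        // row is removed, so a concurrent isPolicyGrantedToPrincipal call
        // could re-cache a positive decision. Without this second clear that
        // decision would be served until the cache entry expires. This
        // narrows the window; it does not close it.
        policyCache.clear();
    }
}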
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#revokeAllPoliciesFromPrincipal(com.sslexplorer.permissions.Principal)
*/
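/**
 * Removes every policy grant recorded for a principal.
 *
 * <p>NOTE(review): rows are matched by principal name only. Confirm that the
 * SQL behind {@code revokeAllPoliciesFromPrincipal.delete} cannot also
 * remove the grants of a principal of the other type with the same name.
 *
 * @param principal user or group whose grants are removed
 * @throws Exception if the delete fails
 */
public void revokeAllPoliciesFromPrincipal(Principal principal)
        throws Exception {
    policyCache.clear();
    try {
        JDBCPreparedStatement ps = db
                .getStatement("revokeAllPoliciesFromPrincipal.delete");
        try {
            // Bind inside the try so a failed bind still releases the statement.
            ps.setString(1, principal.getPrincipalName());
            ps.execute();
        } finally {
            ps.releasePreparedStatement();
        }
    } finally {
        // Invalidate again after the delete so that a positive decision
        // re-cached by a concurrent lookup during the write is not served
        // after the grants are gone.
        policyCache.clear();
    }
}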
/* (non-Javadoc)
* @see com.sslexplorer.policyframework.PolicyDatabase#attachResourceToPolicy(com.sslexplorer.policyframework.Resource, com.sslexplorer.policyframework.Policy, int)
*/
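/**
 * Links a resource to a policy at a given sequence position.
 *
 * <p>The resource is identified by its id together with its resource-type
 * id. All four values are bound as statement parameters.
 *
 * @param resource resource to attach
 * @param policy policy to attach it to
 * @param sequence value stored as the fourth parameter of
 *        {@code attachResourceToPolicy.insert}
 * @throws Exception if the insert fails
 */
public void attachResourceToPolicy(Resource resource, Policy policy, int sequence)
        throws Exception {
    policyCache.clear();
    try {
        JDBCPreparedStatement ps = db
                .getStatement("attachResourceToPolicy.insert");
        try {
            // Bind inside the try so a failed bind still releases the statement.
            ps.setInt(1, resource.getResourceId());
            ps.setInt(2, resource.getResourceType().getResourceTypeId());
            ps.setInt(3, policy.getResourceId());
            ps.setInt(4, sequence);
            ps.execute();
        } finally {
            ps.releasePreparedStatement();
        }
    } finally {
        // Invalidate again after the write so that data cached during the
        // insert does not persist.
        policyCache.clear();
    }
}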
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#detachResourceFromPolicy(com.sslexplorer.policyframework.Resource,
* com.sslexplorer.policyframework.Policy)
*/
public void detachResourceFromPolicy(Resource resource, Policy policy)
throws Exception {
policyCache.clear();
JDBCPreparedStatement ps = db
.getStatement("detachResourceFromPolicy.delete");
ps.setInt(1, resource.getResourceId());
ps.setInt(2, resource.getResourceType().getResourceTypeId());
ps.setInt(3, policy.getResourceId());
try {
ps.execute();
} finally {