📄 jdbcpolicydatabase.java
ps.releasePreparedStatement();
}
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#isResourceAttachedToPolicy(com.sslexplorer.policyframework.Resource,
* com.sslexplorer.policyframework.Policy)
*/
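public boolean isResourceAttachedToPolicy(Resource resource, Policy policy)
        throws Exception {
    // Reports whether the named query "isResourceAttachedToPolicy.select"
    // returns at least one row for (resource id, resource type id, policy id).
    // The answer, positive or negative, is passed to storeToCache and reused
    // on later calls, so any code that attaches or detaches policies has to
    // flush policyCache or callers keep receiving the old answer.
    String cacheKey = "resourcePolicy-" + resource.getResourceId() + "-"
            + resource.getResourceType().getResourceTypeId() + "-"
            + policy.getResourceId();
    Boolean val = (Boolean) policyCache.retrieve(cacheKey);
    if (val == null) {
        JDBCPreparedStatement ps = db
                .getStatement("isResourceAttachedToPolicy.select");
        try {
            // Bind inside the try block: a failure while setting a parameter
            // must still hand the statement back, otherwise it is leaked.
            // All three values are bound as parameters, never concatenated
            // into the SQL text.
            ps.setInt(1, resource.getResourceId());
            ps.setInt(2, resource.getResourceType().getResourceTypeId());
            ps.setInt(3, policy.getResourceId());
            ResultSet rs = ps.executeQuery();
            try {
                // Boolean.valueOf reuses the canonical TRUE/FALSE instances.
                val = Boolean.valueOf(rs.next());
            } finally {
                rs.close();
            }
        } finally {
            ps.releasePreparedStatement();
        }
        storeToCache(cacheKey, val);
    }
    return val.booleanValue();
}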
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#isPrincipalAllowed(com.sslexplorer.permissions.Principal,
* com.sslexplorer.policyframework.Resource)
*/
public boolean isPrincipalAllowed(Principal principal, Resource resource,
        boolean includeSuperUser) throws Exception {
    // Access decision for one principal on one resource. A cached decision
    // is returned as-is; otherwise an administrator (only when
    // includeSuperUser is set and the principal is a User) is allowed
    // outright, and everyone else is allowed exactly when getGrantingPolicy
    // finds a policy. The decision is cached either way.
    //
    // NOTE(review): the key carries the principal's name but not its kind,
    // so a User and a Role that share a name would share one cached
    // decision - confirm names are unique across both.
    // NOTE(review): the administrator shortcut is cached too; a change in
    // administrator status is only seen after policyCache is cleared -
    // confirm every such change triggers a clear.
    String cacheKey = "principalAllowed-" + principal.getPrincipalName()
            + "-" + resource.getResourceId() + "-"
            + resource.getResourceType().getResourceTypeId() + "-"
            + includeSuperUser;
    Boolean cached = (Boolean) policyCache.retrieve(cacheKey);
    if (cached != null) {
        return cached.booleanValue();
    }

    Boolean decision;
    boolean superUser = includeSuperUser
            && principal instanceof User
            && CoreServlet.getServlet().getLogonController()
                    .isAdministrator((User) principal);
    if (superUser) {
        decision = Boolean.TRUE;
    } else {
        Policy granting = getGrantingPolicy(principal, resource);
        decision = granting == null ? Boolean.FALSE : Boolean.TRUE;
    }
    storeToCache(cacheKey, decision);
    return decision.booleanValue();
}
/**
 * Finds the first policy attached to {@code resource} that is granted to
 * {@code principal}, either directly or, when the principal is a
 * {@code User}, through one of the roles returned by {@code getRoles()}.
 * Policies are tried in the order {@code getPoliciesAttachedToResource}
 * returns them and the search stops at the first match.
 *
 * <p>A previously cached result is returned without re-evaluation. The
 * outcome of a fresh search is passed to {@code storeToCache} even when it
 * is {@code null}; a {@code null} read back from the cache is treated as a
 * miss, so "no policy" is searched for again on the next call.
 *
 * <p>NOTE(review): role membership is read at evaluation time, so a cached
 * grant outlives a later role change until {@code policyCache} is cleared -
 * confirm that every membership change clears it. The cache key uses the
 * principal name only, not the principal kind.
 *
 * @param principal the user or role being checked
 * @param resource the resource being accessed
 * @return the granting policy, or {@code null} if none grants access
 * @throws Exception if a lookup it delegates to fails
 */
public Policy getGrantingPolicy(Principal principal, Resource resource) throws Exception {
    String cacheKey = "grantingPolicy-" + principal.getPrincipalName()
            + "-" + resource.getResourceId() + "-"
            + resource.getResourceType().getResourceTypeId();
    Policy granted = (Policy) policyCache.retrieve(cacheKey);
    if (granted != null) {
        return granted;
    }

    Iterator candidates = getPoliciesAttachedToResource(resource).iterator();
    while (granted == null && candidates.hasNext()) {
        Policy candidate = (Policy) candidates.next();
        // Direct grant to the principal itself.
        if (isPolicyGrantedToPrincipal(candidate, principal)) {
            granted = candidate;
        }
        if (!(principal instanceof User)) {
            continue;
        }
        // Grant inherited through any non-null role of the user; the inner
        // loop is a no-op once a direct grant has already been found.
        Role[] roles = ((User) principal).getRoles();
        if (roles == null) {
            continue;
        }
        for (int idx = 0; granted == null && idx < roles.length; idx++) {
            Role role = roles[idx];
            if (role != null && isPolicyGrantedToPrincipal(candidate, role)) {
                granted = candidate;
            }
        }
    }
    storeToCache(cacheKey, granted);
    return granted;
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.boot.Database#cleanup()
*/
public void cleanup() throws Exception {
    // Discards every entry held in policyCache, cached access decisions
    // included.
    policyCache.clear();
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.boot.Database#open(javax.servlet.ServletContext)
*/
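public void open(CoreServlet controllingServlet) throws Exception {
    // Opens the policy database: reads the JDBC settings from system
    // properties, instantiates the configured engine, runs the schema
    // upgrader, creates the policy cache and registers a listener that
    // flushes that cache on user and role events.
    //
    // NOTE(review): the property name below is spelled "policyyDatabase"
    // (double "y"). It is left untouched because existing installations may
    // already set it under that spelling.
    String dbName = System.getProperty(
            "sslexplorer.policyyDatabase.jdbc.dbName",
            "explorer_configuration");
    controllingServlet.addDatabase(dbName);
    // Unset properties fall back to user "sa" with an empty password.
    // NOTE(review): presumably these match the bundled HSQLDB engine;
    // a deployment that selects another vendor class should set both.
    String jdbcUser = System.getProperty("sslexplorer.jdbc.username", "sa");
    String jdbcPassword = System.getProperty("sslexplorer.jdbc.password",
            "");
    String vendorDB = System.getProperty("sslexplorer.jdbc.vendorClass",
            "com.sslexplorer.jdbc.hsqldb.HSQLDBDatabaseEngine");
    if (log.isInfoEnabled()) {
        // Only the engine class name is logged, never the credentials.
        log.info("Policy database is being opened...");
        log.info("JDBC vendor class implementation is " + vendorDB);
    }
    // Relative path: resolved against the working directory of the process.
    // NOTE(review): presumably holds the upgrade scripts DBUpgrader applies;
    // if so, that directory should be writable only by the service account.
    File upgradeDir = new File("install/upgrade");
    // The class name comes from configuration, so check the type before
    // creating an instance: an unrelated class named in the property is
    // rejected without its constructor being run.
    Class vendorClass = Class.forName(vendorDB);
    if (!JDBCDatabaseEngine.class.isAssignableFrom(vendorClass)) {
        throw new ClassCastException("JDBC vendor class " + vendorDB
                + " is not a JDBCDatabaseEngine");
    }
    db = (JDBCDatabaseEngine) vendorClass.newInstance();
    db.init("policyDatabase", dbName, jdbcUser, jdbcPassword, null);
    DBUpgrader upgrader = new DBUpgrader(ContextHolder.getContext()
            .getVersion(), db, ContextHolder.getContext().getDBDirectory(),
            upgradeDir);
    upgrader.upgrade();
    policyCache = new SimpleCache(new MemoryStash(CACHE_MAXOBJS.intValue()));
    // Cached access decisions are flushed only on the five event ids listed
    // here; any other change that affects a decision has to clear
    // policyCache itself.
    // NOTE(review): the listener is added to CoreServlet.getServlet(), not
    // to controllingServlet, and close() does not remove it.
    CoreServlet.getServlet().addCoreListener(new CoreListener() {
        public void coreEvent(CoreEvent evt) {
            if (evt.getId() == CoreEventConstants.USER_CREATED
                    || evt.getId() == CoreEventConstants.USER_EDITED
                    || evt.getId() == CoreEventConstants.USER_REMOVED
                    || evt.getId() == CoreEventConstants.ROLE_CREATED
                    || evt.getId() == CoreEventConstants.ROLE_REMOVED) {
                policyCache.clear();
            }
        }
    });
}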
/*
* (non-Javadoc)
*
* @see com.sslexplorer.boot.Database#close()
*/
public void close() throws Exception {
    // No work is done on close.
    // NOTE(review): open() creates db and policyCache and registers a
    // CoreListener; none of them is released here - confirm that teardown
    // happens elsewhere.
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getPoliciesAttachedToResource(com.sslexplorer.boot.policyframework.Resource)
*/
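public List getPoliciesAttachedToResource(Resource resource)
        throws Exception {
    // Returns the policies attached to the resource (matched on resource id
    // and resource type id), from policyCache when present, otherwise from
    // the named query "getPoliciesAttachedToResource.select". An empty list
    // is cached like any other result.
    //
    // NOTE(review): the list returned to the caller is the same instance
    // passed to storeToCache. If the cache keeps a reference rather than a
    // copy, a caller that modifies the list changes the cached policy set
    // used for later access checks - confirm.
    String cacheKey = "resourcePolicies-" + resource.getResourceId() + "-"
            + resource.getResourceType().getResourceTypeId();
    List l = (List) policyCache.retrieve(cacheKey);
    if (l == null) {
        JDBCPreparedStatement ps = db
                .getStatement("getPoliciesAttachedToResource.select");
        l = new ArrayList();
        try {
            // Bind inside the try block so the statement is released even
            // if setting a parameter fails.
            ps.setInt(1, resource.getResourceId());
            ps.setInt(2, resource.getResourceType().getResourceTypeId());
            ResultSet rs = ps.executeQuery();
            try {
                while (rs.next()) {
                    l.add(buildPolicy(rs));
                }
            } finally {
                // Closed explicitly, as isResourceAttachedToPolicy does.
                rs.close();
            }
            storeToCache(cacheKey, (Serializable) l);
        } finally {
            ps.releasePreparedStatement();
        }
    }
    return l;
}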
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getPrincipalsGrantedPolicy(com.sslexplorer.policyframework.Policy)
*/
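public List getPrincipalsGrantedPolicy(Policy policy) throws Exception {
    // Lists the principals (users and roles) a policy is granted to. The
    // special Everyone policy expands to every user and every role known to
    // the user database at the time of the call; any other policy is read
    // from the named query "getPrincipalsGrantedPolicy.select". The result
    // is cached until policyCache is cleared.
    String cacheKey = "policyPrincipals-" + policy.getResourceId();
    List l = (List) policyCache.retrieve(cacheKey);
    if (l == null) {
        l = new ArrayList();
        if (policy.getResourceId() == PolicyConstants.EVERYONE_POLICY_ID) {
            l.addAll(Arrays.asList(CoreServlet.getServlet()
                    .getUserDatabase().listAllUsers("*")));
            l.addAll(Arrays.asList(CoreServlet.getServlet()
                    .getUserDatabase().listAllRoles("*")));
        } else {
            JDBCPreparedStatement ps = db
                    .getStatement("getPrincipalsGrantedPolicy.select");
            try {
                // Bind inside the try block so the statement is released
                // even if setting the parameter fails.
                ps.setInt(1, policy.getResourceId());
                ResultSet rs = ps.executeQuery();
                try {
                    while (rs.next()) {
                        String principalId = rs.getString("principal_id");
                        int principalType = rs.getInt("principal_type");
                        // Any type other than PRINCIPAL_USER is looked up
                        // as a role.
                        Principal p = null;
                        if (principalType == Policy.PRINCIPAL_USER) {
                            p = CoreServlet.getServlet().getUserDatabase()
                                    .getAccount(principalId);
                        } else {
                            p = CoreServlet.getServlet().getUserDatabase()
                                    .getRole(principalId);
                        }
                        if (p == null) {
                            // A grant row whose principal no longer resolves
                            // is skipped, not treated as an error.
                            log
                                    .warn("An invalid principal is attached to policy "
                                            + policy.getResourceId()
                                            + ". This may happen if you switch user databases or remove users from an external userdatabase. Ignoring.");
                        } else {
                            l.add(p);
                        }
                    }
                } finally {
                    // Closed explicitly, as isResourceAttachedToPolicy does.
                    rs.close();
                }
            } finally {
                ps.releasePreparedStatement();
            }
        }
        storeToCache(cacheKey, (Serializable) l);
    }
    return l;
}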
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#revokePolicyFromAllPrincipals(com.sslexplorer.policyframework.Policy)
*/
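public void revokePolicyFromAllPrincipals(Policy policy) throws Exception {
    // Deletes every grant of the policy through the named statement
    // "revokePolicyFromAllPrincipals.delete". The special Everyone policy
    // is refused.
    if (policy.getResourceId() == PolicyConstants.EVERYONE_POLICY_ID) {
        throw new Exception(
                "Cannot revoke special Everyone policy from all principals.");
    }
    policyCache.clear();
    JDBCPreparedStatement ps2 = db
            .getStatement("revokePolicyFromAllPrincipals.delete");
    try {
        try {
            // Bind inside the try block so the statement is released even
            // if setting the parameter fails.
            ps2.setInt(1, policy.getResourceId());
            ps2.execute();
        } finally {
            ps2.releasePreparedStatement();
        }
    } finally {
        // Clear again once the delete has run. A lookup that executes
        // between the first clear and the delete would otherwise re-cache
        // the old grant and keep allowing access after the revocation
        // (relevant if requests are served concurrently).
        policyCache.clear();
    }
}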
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#createResourcePermission(com.sslexplorer.policyframework.ResourcePermission)
*/
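public ResourcePermission createResourcePermission(
        ResourcePermission resourcePermission) throws Exception {
    // Inserts a resource permission inside a transaction, copies the
    // generated id back onto the argument, writes its relationships and
    // returns the same object. Any failure rolls the transaction back and
    // is rethrown.
    policyCache.clear();
    JDBCPreparedStatement ps = db
            .getStatement("createResourcePermission.insert");
    ps.startTransaction();
    try {
        try {
            // Bind inside the try block: a failure while setting a
            // parameter must still release the statement and end the
            // transaction that was just started.
            ps.setString(1, resourcePermission.getResourceName());
            ps.setString(2, resourcePermission.getPermissionClass());
            ps.setString(3, resourcePermission.getResourceDescription());
            ps.setInt(4, resourcePermission.getOnwardDelegatable() ? 1 : 0);
            ps.setInt(5, resourcePermission.getParentResourcePermission());
            // The same timestamp is written to parameters 6 and 7.
            Calendar c = Calendar.getInstance();
            ps.setString(6, db.formatTimestamp(c));
            ps.setString(7, db.formatTimestamp(c));
            ps.execute();
            int id = db.getLastInsertId(ps,
                    "createResourcePermission.lastInsertId");
            resourcePermission.setResourceId(id);
            updateResourcePermissionRelationships(ps, resourcePermission);
            ps.commit();
            return resourcePermission;
        } finally {
            ps.releasePreparedStatement();
        }
    } catch (Exception e) {
        // NOTE(review): rollback runs after the statement was released in
        // the inner finally; the original order is kept - confirm that
        // JDBCPreparedStatement supports it.
        ps.rollback();
        throw e;
    } finally {
        try {
            ps.endTransaction();
        } finally {
            // Clear again after the write so that entries loaded between
            // the first clear and the commit cannot outlive the change
            // (relevant if requests are served concurrently).
            policyCache.clear();
        }
    }
}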
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getResourcePermissions()
*/
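public List getResourcePermissions() throws Exception {
    // Returns all resource permissions built from the named query
    // "getResourcePermissions.select".
    //
    // NOTE(review): the cache is read under "resourcePermissions" but this
    // method never stores the loaded list, so unless another code path
    // populates that key every call goes to the database. That is safe for
    // access decisions (nothing can go stale), only slower.
    String cacheKey = "resourcePermissions";
    List val = (List) policyCache.retrieve(cacheKey);
    if (val == null) {
        JDBCPreparedStatement ps = db
                .getStatement("getResourcePermissions.select");
        try {
            ResultSet rs = ps.executeQuery();
            try {
                val = buildResourcePermission(rs);
            } finally {
                // Closed explicitly, as isResourceAttachedToPolicy does;
                // closing an already closed ResultSet is a no-op.
                rs.close();
            }
        } finally {
            ps.releasePreparedStatement();
        }
    }
    return val;
}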
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getPolicyByName(java.lang.String)
*/
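public Policy getPolicyByName(String name) throws Exception {
    // Looks a policy up by name through the named query
    // "getPolicyByName.selectByName" and returns null when there is no
    // match. Only a found policy is cached; a miss is queried again on the
    // next call. The name is bound as a statement parameter, never
    // concatenated into the SQL text.
    String cacheKey = "policyByName-" + name;
    Policy pol = (Policy) policyCache.retrieve(cacheKey);
    if (pol == null) {
        JDBCPreparedStatement ps = db
                .getStatement("getPolicyByName.selectByName");
        try {
            // Bind inside the try block so the statement is released even
            // if setting the parameter fails.
            ps.setString(1, name);
            ResultSet rs = ps.executeQuery();
            try {
                if (rs.next()) {
                    pol = buildPolicy(rs);
                }
            } finally {
                // Closed explicitly, as isResourceAttachedToPolicy does.
                rs.close();
            }
        } finally {
            ps.releasePreparedStatement();
        }
        if (pol != null) {
            storeToCache(cacheKey, pol);
        }
    }
    return pol;
}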
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getResourcePermissionByName(java.lang.String)
*/
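public ResourcePermission getResourcePermissionByName(String name)
        throws Exception {
    // Looks a resource permission up by name through the named query
    // "getResourcePermissionByName.select", taking the first row when
    // several match and returning null when none does. Only a found
    // permission is cached. The name is bound as a statement parameter,
    // never concatenated into the SQL text.
    String cacheKey = "resourcePermissionByName-" + name;
    ResourcePermission resourcePermission = (ResourcePermission) policyCache
            .retrieve(cacheKey);
    if (resourcePermission == null) {
        JDBCPreparedStatement ps = db
                .getStatement("getResourcePermissionByName.select");
        try {
            // Bind inside the try block so the statement is released even
            // if setting the parameter fails.
            ps.setString(1, name);
            ResultSet rs = ps.executeQuery();
            try {
                List l = buildResourcePermission(rs);
                if (!l.isEmpty()) {
                    resourcePermission = (ResourcePermission) l.get(0);
                }
            } finally {
                // Closed explicitly, as isResourceAttachedToPolicy does;
                // closing an already closed ResultSet is a no-op.
                rs.close();
            }
        } finally {
            ps.releasePreparedStatement();
        }
        if (resourcePermission != null) {
            storeToCache(cacheKey, resourcePermission);
        }
    }
    return resourcePermission;
}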
/*
* (non-Javadoc)
*
* @see com.sslexplorer.policyframework.PolicyDatabase#getResourcePermission(int)
*/
public ResourcePermission getResourcePermission(int id) throws Exception {
String cacheKey = "resourcePermission-" + id;
ResourcePermission resourcePermission = (ResourcePermission) policyCache
.retrieve(cacheKey);
if (resourcePermission == null) {
JDBCPreparedStatement ps = db
.getStatement("getResourcePermission.select");
ps.setInt(1, id);
try {
ResultSet rs = ps.executeQuery();