localapprovalsessionbean.java

一个免费的CA,基于EJB平台的,老师叫我们测试,现把之共享出来让大家参考

		}
    	
		log.debug("<isApproved, result" + retval);
    	return retval;
    }
    
    /**
     * Method returning  an approval requests with status 'waiting', 'Approved' or 'Reject'
     * returns null if no non expirted have exists
     * @ejb.transaction type="Supports"
     * @ejb.interface-method view-type="both"
     */
    public ApprovalDataVO findNonExpiredApprovalRequest(Admin admin, int approvalId){
    	ApprovalDataVO retval = null;
    	ApprovalDataLocal data = findNonExpiredApprovalDataLocal(admin,approvalId);

    	if(data != null){
    		retval = data.getApprovalDataVO(); 
    	}
		
    	return retval;    	
    }
    
    private ApprovalDataLocal findNonExpiredApprovalDataLocal(Admin admin, int approvalId){
    	ApprovalDataLocal retval = null;
    	try {
			Collection result = approvalHome.findByApprovalIdNonExpired(approvalId);
			Iterator iter = result.iterator();
			while(iter.hasNext()){
				ApprovalDataLocal next = (ApprovalDataLocal) iter.next();
				ApprovalDataVO data = next.getApprovalDataVO();
				if(data.getStatus() == ApprovalDataVO.STATUS_WAITINGFORAPPROVAL ||
				   data.getStatus() == ApprovalDataVO.STATUS_APPROVED ||
				   data.getStatus() == ApprovalDataVO.STATUS_REJECTED){
					retval = next;
				}
				
			}
		} catch (FinderException e) {}  
		
    	return retval;    	
    }
    
    /**
     * Method that takes an approvalId and returns all aprovalrequests for 
     * this.
     * 
     * @param admin
     * @param approvalId
     * @return and collection of ApprovalDataVO, empty if no approvals exists.
     * 
     * @ejb.transaction type="Supports"
     * @ejb.interface-method view-type="both"
     */
    public Collection findApprovalDataVO(Admin admin, int approvalId){
    	log.debug(">findApprovalDataVO");
    	ArrayList retval = new ArrayList();
    	
    	try {
			Collection result = approvalHome.findByApprovalId(approvalId);
			Iterator iter = result.iterator();
			while(iter.hasNext()){
				ApprovalDataLocal adl = (ApprovalDataLocal) iter.next();
				retval.add(adl.getApprovalDataVO());
			}
		} catch (FinderException e) {
		}
		
    	log.debug("<findApprovalDataVO");
		return retval;
    }
    

    /**
     * Method returning a list of approvals from the give query
     * 
     * @param admin
     * @param query should be a Query object containing ApprovalMatch and TimeMatch
     * @param index where the resultset should start. 
     * objects only
     * @return a List of ApprovalDataVO, never null
     * @throws AuthorizationDeniedException 
     * 
     * @ejb.transaction type="Supports"
     * @ejb.interface-method view-type="both"
     */
    
    public List query(Admin admin, Query query, int index, int numberofrows) throws IllegalQueryException, AuthorizationDeniedException {
        debug(">query(): ");
        
        boolean authorizedToApproveCAActions = false; // i.e approvals with endentityprofile ApprovalDataVO.ANY_ENDENTITYPROFILE
        boolean authorizedToApproveRAActions = false; // i.e approvals with endentityprofile not ApprovalDataVO.ANY_ENDENTITYPROFILE 
        
        try {
			authorizedToApproveCAActions = getAuthorizationSession().isAuthorizedNoLog(admin, AvailableAccessRules.REGULAR_APPROVECAACTION);
		} catch (AuthorizationDeniedException e1) {}
        try {
			authorizedToApproveRAActions = getAuthorizationSession().isAuthorizedNoLog(admin, AvailableAccessRules.REGULAR_APPROVEENDENTITY);
		} catch (AuthorizationDeniedException e1) {
		}

		if(!authorizedToApproveCAActions && !authorizedToApproveRAActions){
			throw new AuthorizationDeniedException("Not authorized to query apporvals");
		}
		
        ArrayList returnData = new ArrayList();
        GlobalConfiguration globalconfiguration = getRAAdminSession().loadGlobalConfiguration(admin);
        RAAuthorization raauthorization = null;
        String sqlquery = "select " + APPROVALDATA_COL + " from ApprovalData where ";


        // Check if query is legal.
        if (query != null && !query.isLegalQuery())
            throw new IllegalQueryException();

        if (query != null)
            sqlquery = sqlquery + query.getQueryString();

        raauthorization = new RAAuthorization(admin, getRAAdminSession(), getAuthorizationSession());
        String caauthstring = raauthorization.getCAAuthorizationString();
        String endentityauth = "";
        if (globalconfiguration.getEnableEndEntityProfileLimitations()){
        	endentityauth = raauthorization.getEndEntityProfileAuthorizationString(true);
        	if(authorizedToApproveCAActions && authorizedToApproveRAActions){
        		endentityauth = raauthorization.getEndEntityProfileAuthorizationString(true);
        		if(endentityauth != null){
        		  endentityauth = "(" + raauthorization.getEndEntityProfileAuthorizationString(false) + " OR endEntityprofileId=" + ApprovalDataVO.ANY_ENDENTITYPROFILE + " ) ";
        		}
        	}else if (authorizedToApproveCAActions) {
        		endentityauth = " endEntityprofileId=" + ApprovalDataVO.ANY_ENDENTITYPROFILE;
			}else if (authorizedToApproveRAActions) {
				endentityauth = raauthorization.getEndEntityProfileAuthorizationString(true);
			}        	
        	
        }


        if (!caauthstring.trim().equals("") && query != null){
          sqlquery = sqlquery + " AND " + caauthstring;
        }else{
          sqlquery = sqlquery + caauthstring;
        }

        if(endentityauth != null){
          if (caauthstring.trim().equals("") && query == null){
        	sqlquery = sqlquery + endentityauth;
          }else{
          	sqlquery = sqlquery + " AND " + endentityauth;
          }
        }

        
        Connection con = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
                // Construct SQL query.
                con = JDBCUtil.getDBConnection(JNDINames.DATASOURCE);
                log.debug(sqlquery);

                ps = con.prepareStatement(sqlquery);
                
                // Execute query.
                rs = ps.executeQuery();
                int direction = rs.getFetchDirection();
                if (direction == ResultSet.FETCH_FORWARD) {
                	// Special handling for databases that do not support backward moving in the RS, i.e. Hsql
                	if (index < 0) {
                		throw new Exception("Database does only support forward fetching, but index is "+index);
                	}
                	for (int i = 0; i < index; i++) {
                		rs.next();
                	}
                } else {
                    // Oracles JDBC driver in Weblogic 9.x does not support ResultSet.relative, 
                    // that is why we have to move around manually.
                    boolean forward = true;
                    if (index < 0) {
                        forward = false;
                    }
                    for (int i = 0; i < index; i++) {
                        if (forward) {
                            rs.next();                            
                        } else {
                            rs.previous();
                        }
                    }
                }
                // Assemble result.
                while (rs.next() && returnData.size() < numberofrows) {
                	
                    // Read the variables in order, some databases (i.e. MS-SQL) 
                    // seems to not like out-of-order read of columns (i.e. nr 15 before nr 1)
                    int id = rs.getInt(1);
                    int approvalid = rs.getInt(2);
                    int approvaltype = rs.getInt(3);
                    int endentityprofileId = rs.getInt(4);
                    int caid = rs.getInt(5);
                    String reqadmincertissuerdn = rs.getString(6);
                    String reqadmincertserial = rs.getString(7);
                    int status = rs.getInt(8);
                    String approvaldatastring = rs.getString(9);
                    String requestdatastring = rs.getString(10);
                    long requestdate = rs.getLong(11);
                    long expiredate = rs.getLong(12);
                    int remainingapprovals = rs.getInt(13);
                	ApprovalDataVO data = new ApprovalDataVO(id,approvalid,approvaltype,endentityprofileId,caid,
                			                                 reqadmincertissuerdn, reqadmincertserial, status,
                			                                 ApprovalDataUtil.getApprovals(approvaldatastring),
                			                                 ApprovalDataUtil.getApprovalRequest(requestdatastring),
                			                                 new Date(requestdate), new Date(expiredate), remainingapprovals); 

                	returnData.add(data);
                }
            
            
            debug("<query()");
            return returnData;

        } catch (Exception e) { 
            throw new EJBException(e);
        } finally {
            JDBCUtil.close(con, ps, rs);
        }

    } // query 

    
    private void sendApprovalNotification(Admin admin, GlobalConfiguration gc, String notificationSubject, String notificationMsg, Integer id, int numberOfApprovalsLeft, Date requestDate, ApprovalRequest approvalRequest, Approval approval) {
        debug(">sendNotification approval notification: id="+id);
        try {
        	String requestAdminEmail = null;
        	String approvalAdminsEmail = null;
            String fromAddress = null;
        	// Find the email address of the requesting administrator.
        	X509Certificate requestAdminCert = approvalRequest.getRequestAdminCert();
        	String requestAdminDN = null;
        	String requestAdminUsername = null;
        	if(requestAdminCert != null){
        	  requestAdminDN = CertTools.getSubjectDN(requestAdminCert);
        	  requestAdminUsername = getCertificateStoreSession().findUsernameByCertSerno(admin,requestAdminCert.getSerialNumber(),CertTools.getIssuerDN(requestAdminCert));
              UserDataVO requestAdminData = getUserAdminSession().findUser(admin, requestAdminUsername);        	
              if (requestAdminData == null || requestAdminData.getEmail() == null || requestAdminData.getEmail().equals("")) {
               	getLogSession().log(admin, approvalRequest.getCAId(), LogEntry.MODULE_APPROVAL, new java.util.Date(),requestAdminUsername, null, LogEntry.EVENT_ERROR_NOTIFICATION, "Error sending notification to administrator requesting approval. Set a correct email to the administrator");
              }else{
               	requestAdminEmail = requestAdminData.getEmail();
              }
        	}else{
        		requestAdminUsername = intres.getLocalizedMessage("CLITOOL");
        		requestAdminDN = "CN=" + requestAdminUsername;
        	}
 
            
            // Find the email address of the approving administrators
            approvalAdminsEmail = gc.getApprovalAdminEmailAddress();            
            // Find the email address that should be used in the from field
            fromAddress = gc.getApprovalNotificationFromAddress();                        
            
            if(approvalAdminsEmail.equals("") || fromAddress.equals("")){
            	getLogSession().log(admin, approvalRequest.getCAId(), LogEntry.MODULE_APPROVAL, new java.util.Date(),requestAdminUsername, null, LogEntry.EVENT_ERROR_NOTIFICATION, "Error sending approval notification. The email-addresses, either to approval administrators or from-address isn't configured properly");
            }else{
              String approvalURL =  gc.getBaseUrl() + "adminweb/approval/approveaction.jsf?uniqueId=" + id;
              String approvalTypeText = intres.getLocalizedMessage(ApprovalDataVO.APPROVALTYPENAMES[approvalRequest.getApprovalType()]);
            	
              String approvalAdminUsername = null;
              String approvalAdminDN = null;
              String approveComment = null;
              if(approval != null){
            	  approvalAdminUsername = approval.getUsername();
            	  X509Certificate approvalCert =  (X509Certificate) getCertificateStoreSession().findCertificateByIssuerAndSerno(admin, approval.getAdminCertIssuerDN(), approval.getAdminCertSerialNumber());
            	  approvalAdminDN = CertTools.getSubjectDN(approvalCert);
            	  approveComment = approval.getComment();
              }
              String mailJndi = getLocator().getString("java:comp/env/MailJNDIName");
              Session mailSession = getLocator().getMailSession(mailJndi);
              Integer numAppr =  new Integer(numberOfApprovalsLeft);
              NotificationParamGen paramGen = new NotificationParamGen(requestDate,id,approvalTypeText,numAppr,
            		                                                   approvalURL, approveComment, requestAdminUsername,
            		                                                   requestAdminDN,approvalAdminUsername,approvalAdminDN);
              HashMap params = paramGen.getParams();

              Message msg = new TemplateMimeMessage(params, mailSession);
              msg.setFrom(new InternetAddress(fromAddress));
              msg.addRecipients(javax.mail.Message.RecipientType.TO, InternetAddress.parse(approvalAdminsEmail, false));
              if(requestAdminEmail != null){
            	  msg.addRecipients(javax.mail.Message.RecipientType.TO, InternetAddress.parse(requestAdminEmail, false));
              }
              msg.setSubject(notificationSubject);
              msg.setContent(notificationMsg, "text/plain");
              msg.setHeader("X-Mailer", "JavaMailer");
              msg.setSentDate(new Date());
              Transport.send(msg);

              getLogSession().log(admin, approvalRequest.getCAId(), LogEntry.MODULE_APPROVAL, new java.util.Date(), requestAdminUsername, null, LogEntry.EVENT_INFO_NOTIFICATION, "Approval notification with id " + id + " was sent successfully.");
            }
        } catch (Exception e) {
            error("Error when sending notification approving notification", e);
            try{
            	getLogSession().log(admin, approvalRequest.getCAId(), LogEntry.MODULE_APPROVAL, new java.util.Date(),null, null, LogEntry.EVENT_ERROR_NOTIFICATION, "Error sending approval notification with id " + id + ".");
            }catch(Exception f){
                throw new EJBException(f);
            }
        }
        debug("<sendNotification approval notification: id="+id);
		
	}
 
    
    private Integer findFreeApprovalId() {
        Random ran = (new Random((new Date()).getTime()));
        int id = ran.nextInt();
        boolean foundfree = false;

        while (!foundfree) {
            try {
                if (id > 1)
                   approvalHome.findByPrimaryKey(new Integer(id));
                id = ran.nextInt();
            } catch (FinderException e) {
                foundfree = true;
            }
        }
        return new Integer(id);
    } // findFreeApprovalId


} // LocalApprovalSessionBean