securitymanager.java

用java 实现的IE browser适合于学者

/*
 * Created on 2004-8-30
 *
 * TODO To change the template for this generated file go to
 * Window - Preferences - Java - Code Generation - Code and Comments
 */
package com.hnjchina.securityManager;

import java.io.UnsupportedEncodingException;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.TreeSet;

/**
 * @author limeiyong
 *
 * TODO To change the template for this generated type comment go to
 * Window - Preferences - Java - Code Generation - Code and Comments
 */
public class SecurityManager extends ObjectManager {
	private	Connection	database;
	private PreparedStatement stmObjectName;
	private PreparedStatement stmObjectID;
	TreeSet	buffer=new TreeSet(PropObject.comparator);
	public	SecurityManager(Connection adb_Master){
		try {
			if ((adb_Master!=null) && (!adb_Master.isClosed())){
				DatabaseMetaData	metadata=adb_Master.getMetaData();
				String[]			ls_aType={"table"};
				ResultSet	lrs_tmp=metadata.getTables(null,null,"security_objects",ls_aType);
				if	(lrs_tmp.next()){
					database=adb_Master;
					stmObjectID=database.prepareStatement("select objid,window,description,tag from	security_objects where objid=?");
					stmObjectName=database.prepareStatement("select objid,window,description,tag from	security_objects where window=?");
				}
				else System.out.println("Target db is not the one I want");
			}
		} catch (SQLException e) {
			e.printStackTrace();
		}
	}
	public int getObjectID(String objectName) {
		PropObject object=new PropObject();
		object.objectName=objectName;
		if	(buffer.contains(object)){
			object=(PropObject)buffer.tailSet(object).iterator().next();
		}else{
			try {
				stmObjectName.clearParameters();
				stmObjectName.setString(1,objectName);
				ResultSet	rs=stmObjectName.executeQuery();
				if	(rs.next()){
					object=getPropertyFromResultSet(rs);
					buffer.add(object);
				}
				rs.close();
			} catch (SQLException e) {
				e.printStackTrace();
			}
			buffer.clear();
		}			
		return object.objectID;
	}
	public String getObjectName(int objectID) {
		PropObject propobjectmanager=getObjectProperty(objectID);
		if	(propobjectmanager!=null)
			return propobjectmanager.objectName;
		else
			return "";
	}
	public PropObject getObjectProperty(int objectID) {
		PropObject object=new PropObject();
		object.objectID=objectID;
		if	(buffer.contains(object)){
			object=(PropObject)buffer.tailSet(object).iterator().next();
		}else{
			try {
				stmObjectID.clearParameters();
				stmObjectID.setInt(1,objectID);
				ResultSet	rs=stmObjectID.executeQuery();
				if	(rs.next()){
					object=getPropertyFromResultSet(rs);
					buffer.add(object);
				}
				rs.close();
			} catch (SQLException e) {
				e.printStackTrace();
			}
		}
		return object;
	}

	private	PropObject	getPropertyFromResultSet(ResultSet rs){
		PropObject	object=new PropObject();
		try {
			object.objectID=rs.getInt("objid");
			object.objectName=rs.getString("window");
			try {
				String	ls_string="";
				ls_string =new  String(ls_string.getBytes("ISO-8859-1"));
				ls_string=rs.getString("description");
				object.description=ls_string;
			} catch (UnsupportedEncodingException e1) {
				e1.printStackTrace();
			}
			object.tag=rs.getInt("tag");
		} catch (SQLException e) {
			e.printStackTrace();
		}
		return	 object;
	}
	public int addObject(PropObject object) {
		if (!(object instanceof PropObject))	return	-1;
		if (object.objectName.length()==0)	return	-1;
		if	(getObjectID(object.objectName)>0){
			System.out.println("Sql error: the objid("+object.objectID+") already being.");
			return	-1;
		}
		try {
			Statement	stm=database.createStatement();
			String		sql=" INSERT INTO security_objects  ( objid,appid,window,control,description,objtype,tag ) "+
							" VALUES ( "+object.objectID+","+20+",'"+object.objectName+"','"+object.objectName+"','"+object.description+"',"+0+","+object.tag +")";
			System.out.println(sql);
			int	rc=stm.executeUpdate(sql);
			if	(rc>0){
				database.commit();
			}else{
				return	-1;
			}
			
		} catch (SQLException e) {
			e.printStackTrace();
		}
		return 1;
	}

	public int modifyObject(PropObject object) {
		if (!(object instanceof PropObject))	return	-1;
		if (object.objectName.length()==0)	return	-1;
		if	(getObjectID(object.objectName)==0)	return	-1;
		try {
			Statement	stm=database.createStatement();
			String		sql="update Security_objects " +
							" set window='"+object.objectName+"' ,"+"description='"+object.description+"'"+
							"where objid="+object.objectID;
			int	rc=stm.executeUpdate(sql);
			if	(rc>0){
				database.commit();
			}else{
				return	-1;
			}
				
		} catch (SQLException e) {
			e.printStackTrace();
			return -1;
		}
		return 1;
	}

	public int deleteObject(PropObject object) {
		if (!(object instanceof PropObject))	return	-1;
		if (object.objectName.length()==0)	return	-1;
		if	(getObjectID(object.objectName)==0)	return	-1;
		try {
			Statement	stm=database.createStatement();
			String		sql="delete security_objects where objid="+object.objectID;
			int			rc=stm.executeUpdate(sql);
			if	(rc>0){
				database.commit();
			}else{
				return -1;
			}
		} catch (SQLException e) {
			e.printStackTrace();
		}
		return 1;
	}

}