jdbcuserdatabase.java

jspwiki source code,jspwiki source code

    public void deleteByLoginName( String loginName ) throws NoSuchPrincipalException, WikiSecurityException
    {
        // Get the existing user; if not found, throws NoSuchPrincipalException
        findByLoginName( loginName );
        Connection conn = null;

        try
        {
            // Open the database connection
            conn = m_ds.getConnection();
            if( m_supportsCommits )
            {
                conn.setAutoCommit( false );
            }

            PreparedStatement ps;
            // Delete user record
            ps = conn.prepareStatement( m_deleteUserByLoginName );
            ps.setString( 1, loginName );
            ps.execute();
            ps.close();

            // Delete role record
            ps = conn.prepareStatement( m_deleteRoleByLoginName );
            ps.setString( 1, loginName );
            ps.execute();
            ps.close();

            // Commit and close connection
            if( m_supportsCommits )
            {
                conn.commit();
            }
        }
        catch( SQLException e )
        {
            throw new WikiSecurityException( e.getMessage() );
        }
        finally
        {
            try
            {
                if( conn != null ) conn.close();
            }
            catch( Exception e )
            {
            }
        }
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#findByEmail(java.lang.String)
     */
    public UserProfile findByEmail( String index ) throws NoSuchPrincipalException
    {
        return findByPreparedStatement( m_findByEmail, index );
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#findByFullName(java.lang.String)
     */
    public UserProfile findByFullName( String index ) throws NoSuchPrincipalException
    {
        return findByPreparedStatement( m_findByFullName, index );
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#findByLoginName(java.lang.String)
     */
    public UserProfile findByLoginName( String index ) throws NoSuchPrincipalException
    {
        return findByPreparedStatement( m_findByLoginName, index );
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#findByWikiName(String)
     */
    public UserProfile findByUid( String uid ) throws NoSuchPrincipalException
    {
        return findByPreparedStatement( m_findByUid, uid );
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#findByWikiName(String)
     */
    public UserProfile findByWikiName( String index ) throws NoSuchPrincipalException
    {
        return findByPreparedStatement( m_findByWikiName, index );
    }

    /**
     * Returns all WikiNames that are stored in the UserDatabase as an array of
     * WikiPrincipal objects. If the database does not contain any profiles,
     * this method will return a zero-length array.
     * 
     * @return the WikiNames
     */
    public Principal[] getWikiNames() throws WikiSecurityException
    {
        Set<Principal> principals = new HashSet<Principal>();
        Connection conn = null;
        try
        {
            conn = m_ds.getConnection();
            PreparedStatement ps = conn.prepareStatement( m_findAll );
            ResultSet rs = ps.executeQuery();
            while ( rs.next() )
            {
                String wikiName = rs.getString( m_wikiName );
                if( wikiName == null )
                {
                    log.warn( "Detected null wiki name in XMLUserDataBase. Check your user database." );
                }
                else
                {
                    Principal principal = new WikiPrincipal( wikiName, WikiPrincipal.WIKI_NAME );
                    principals.add( principal );
                }
            }
            ps.close();
        }
        catch( SQLException e )
        {
            throw new WikiSecurityException( e.getMessage() );
        }
        finally
        {
            try
            {
                if( conn != null ) conn.close();
            }
            catch( Exception e )
            {
            }
        }

        return principals.toArray( new Principal[principals.size()] );
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#initialize(com.ecyrd.jspwiki.WikiEngine,
     *      java.util.Properties)
     */
    public void initialize( WikiEngine engine, Properties props ) throws NoRequiredPropertyException
    {
        String jndiName = props.getProperty( PROP_DB_DATASOURCE, DEFAULT_DB_JNDI_NAME );
        try
        {
            Context initCtx = new InitialContext();
            Context ctx = (Context) initCtx.lookup( "java:comp/env" );
            m_ds = (DataSource) ctx.lookup( jndiName );

            // Prepare the SQL selectors
            m_userTable = props.getProperty( PROP_DB_TABLE, DEFAULT_DB_TABLE );
            m_email = props.getProperty( PROP_DB_EMAIL, DEFAULT_DB_EMAIL );
            m_fullName = props.getProperty( PROP_DB_FULL_NAME, DEFAULT_DB_FULL_NAME );
            m_lockExpiry = props.getProperty( PROP_DB_LOCK_EXPIRY, DEFAULT_DB_LOCK_EXPIRY );
            m_loginName = props.getProperty( PROP_DB_LOGIN_NAME, DEFAULT_DB_LOGIN_NAME );
            m_password = props.getProperty( PROP_DB_PASSWORD, DEFAULT_DB_PASSWORD );
            m_uid = props.getProperty( PROP_DB_UID, DEFAULT_DB_UID );
            m_wikiName = props.getProperty( PROP_DB_WIKI_NAME, DEFAULT_DB_WIKI_NAME );
            m_created = props.getProperty( PROP_DB_CREATED, DEFAULT_DB_CREATED );
            m_modified = props.getProperty( PROP_DB_MODIFIED, DEFAULT_DB_MODIFIED );
            m_attributes = props.getProperty( PROP_DB_ATTRIBUTES, DEFAULT_DB_ATTRIBUTES );

            m_findAll = "SELECT * FROM " + m_userTable;
            m_findByEmail = "SELECT * FROM " + m_userTable + " WHERE " + m_email + "=?";
            m_findByFullName = "SELECT * FROM " + m_userTable + " WHERE " + m_fullName + "=?";
            m_findByLoginName = "SELECT * FROM " + m_userTable + " WHERE " + m_loginName + "=?";
            m_findByUid = "SELECT * FROM " + m_userTable + " WHERE " + m_uid + "=?";
            m_findByWikiName = "SELECT * FROM " + m_userTable + " WHERE " + m_wikiName + "=?";

            // The user insert SQL prepared statement
            m_insertProfile = "INSERT INTO " + m_userTable + " ("
                              + m_uid + ","
                              + m_email + ","
                              + m_fullName + ","
                              + m_password + ","
                              + m_wikiName + ","
                              + m_modified + ","
                              + m_loginName + ","
                              + m_attributes + ","
                              + m_created
                              + ") VALUES (?,?,?,?,?,?,?,?,?)";
            
            // The user update SQL prepared statement
            m_updateProfile = "UPDATE " + m_userTable + " SET "
                              + m_uid + "=?,"
                              + m_email + "=?,"
                              + m_fullName + "=?,"
                              + m_password + "=?,"
                              + m_wikiName + "=?,"
                              + m_modified + "=?,"
                              + m_loginName + "=?,"
                              + m_attributes + "=?,"
                              + m_lockExpiry + "=? "
                              + "WHERE " + m_loginName + "=?";

            // Prepare the role insert SQL
            m_roleTable = props.getProperty( PROP_DB_ROLE_TABLE, DEFAULT_DB_ROLE_TABLE );
            m_role = props.getProperty( PROP_DB_ROLE, DEFAULT_DB_ROLE );
            m_insertRole = "INSERT INTO " + m_roleTable + " (" + m_loginName + "," + m_role + ") VALUES (?,?)";
            m_findRoles = "SELECT * FROM " + m_roleTable + " WHERE " + m_loginName + "=?";

            // Prepare the user delete SQL
            m_deleteUserByLoginName = "DELETE FROM " + m_userTable + " WHERE " + m_loginName + "=?";

            // Prepare the role delete SQL
            m_deleteRoleByLoginName = "DELETE FROM " + m_roleTable + " WHERE " + m_loginName + "=?";

            // Prepare the rename user/roles SQL
            m_renameProfile = "UPDATE " + m_userTable + " SET " + m_loginName + "=?," + m_modified + "=? WHERE " + m_loginName
                              + "=?";
            m_renameRoles = "UPDATE " + m_roleTable + " SET " + m_loginName + "=? WHERE " + m_loginName + "=?";
        }
        catch( NamingException e )
        {
            log.error( "JDBCUserDatabase initialization error: " + e.getMessage() );
            throw new NoRequiredPropertyException( PROP_DB_DATASOURCE, "JDBCUserDatabase initialization error: " + e.getMessage() );
        }

        // Test connection by doing a quickie select
        Connection conn = null;
        try
        {
            conn = m_ds.getConnection();
            PreparedStatement ps = conn.prepareStatement( m_findAll );
            ps.executeQuery();
            ps.close();
        }
        catch( SQLException e )
        {
            log.error( "JDBCUserDatabase initialization error: " + e.getMessage() );
            throw new NoRequiredPropertyException( PROP_DB_DATASOURCE, "JDBCUserDatabase initialization error: " + e.getMessage() );
        }
        finally
        {
            try
            {
                if( conn != null ) conn.close();
            }
            catch( Exception e )
            {
            }
        }
        log.info( "JDBCUserDatabase initialized from JNDI DataSource: " + jndiName );

        // Determine if the datasource supports commits
        try
        {
            conn = m_ds.getConnection();
            DatabaseMetaData dmd = conn.getMetaData();
            if( dmd.supportsTransactions() )
            {
                m_supportsCommits = true;
                conn.setAutoCommit( false );
                log.info( "JDBCUserDatabase supports transactions. Good; we will use them." );
            }
        }
        catch( SQLException e )
        {
            log.warn( "JDBCUserDatabase warning: user database doesn't seem to support transactions. Reason: " + e.getMessage() );
            throw new NoRequiredPropertyException( PROP_DB_DATASOURCE, "JDBCUserDatabase initialization error: " + e.getMessage() );
        }
        finally
        {
            try
            {
                if( conn != null ) conn.close();
            }
            catch( Exception e )
            {
            }
        }
    }

    /**
     * @see com.ecyrd.jspwiki.auth.user.UserDatabase#rename(String, String)
     */
    public void rename( String loginName, String newName )
                                                          throws NoSuchPrincipalException,
                                                              DuplicateUserException,
                                                              WikiSecurityException
    {
        // Get the existing user; if not found, throws NoSuchPrincipalException
        UserProfile profile = findByLoginName( loginName );

        // Get user with the proposed name; if found, it's a collision
        try
        {
            UserProfile otherProfile = findByLoginName( newName );
            if( otherProfile != null )
            {
                throw new DuplicateUserException( "Cannot rename: the login name '" + newName + "' is already taken." );
            }
        }
        catch( NoSuchPrincipalException e )
        {
            // Good! That means it's safe to save using the new name
        }

        Connection conn = null;
        try
        {
            // Open the database connection
            conn = m_ds.getConnection();
            if( m_supportsCommits )