hs.hsadmin/hsarback/src/de/hsadmin/mods/db/DatabaseUser.java

210 lines
5.6 KiB
Java
Raw Normal View History

2011-03-22 23:02:06 +01:00
package de.hsadmin.mods.db;
import static javax.persistence.FetchType.EAGER;
import static javax.persistence.GenerationType.SEQUENCE;
import java.io.Serializable;
import javax.persistence.Column;
2011-04-01 18:53:37 +02:00
import javax.persistence.DiscriminatorColumn;
import javax.persistence.DiscriminatorType;
import javax.persistence.Entity;
2011-03-22 23:02:06 +01:00
import javax.persistence.EntityManager;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
2011-04-01 18:53:37 +02:00
import javax.persistence.Inheritance;
import javax.persistence.InheritanceType;
2011-03-22 23:02:06 +01:00
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NoResultException;
import javax.persistence.Query;
2011-04-01 18:53:37 +02:00
import javax.persistence.SequenceGenerator;
import javax.persistence.Table;
2011-03-22 23:02:06 +01:00
import javax.persistence.Transient;
import de.hsadmin.core.model.AbstractEntity;
2011-08-12 17:58:20 +02:00
import de.hsadmin.core.model.AbstractModuleImpl;
2012-07-27 12:54:11 +02:00
import de.hsadmin.core.model.AnnFieldIO;
import de.hsadmin.core.model.ReadWriteAccess;
2011-03-22 23:02:06 +01:00
import de.hsadmin.mods.pac.Pac;
import de.hsadmin.mods.user.UnixUser;
2011-04-01 18:53:37 +02:00
@Entity
@Table(name = "database_user")
@Inheritance(strategy=InheritanceType.SINGLE_TABLE)
@DiscriminatorColumn(name="engine", discriminatorType=DiscriminatorType.STRING)
@SequenceGenerator(name = "DatabaseUserSeqGen", sequenceName = "dbuser_dbuser_id_seq")
2011-03-22 23:02:06 +01:00
public abstract class DatabaseUser extends AbstractEntity implements Serializable {
private static final long serialVersionUID = -4840133372566213014L;
@Id
@GeneratedValue(strategy = SEQUENCE, generator = "DatabaseUserSeqGen")
@Column(name = "dbuser_id", columnDefinition = "integer", updatable=false, insertable=false)
private long id;
2012-07-27 12:54:11 +02:00
@AnnFieldIO(validation="[a-z0-9\\_]*", rw=ReadWriteAccess.WRITEONCE)
2011-03-22 23:02:06 +01:00
@Column(name = "name", columnDefinition = "character varying(24)", updatable=false)
private String name;
2012-07-27 12:54:11 +02:00
@AnnFieldIO(validation="[^']*", rw=ReadWriteAccess.WRITEONLY)
2011-03-22 23:02:06 +01:00
@Transient
private String password;
2012-07-27 12:54:11 +02:00
@AnnFieldIO(validation="[a-zA-Z]*", rw=ReadWriteAccess.WRITEONCE)
2011-03-22 23:02:06 +01:00
@Column(name = "engine", columnDefinition = "character varying(12)", updatable=false)
protected String instance;
@JoinColumn(name = "packet_id", columnDefinition = "integer", updatable=false)
@ManyToOne(fetch = EAGER)
2012-07-27 12:54:11 +02:00
@AnnFieldIO(validation="[a-z0-9]*", rw=ReadWriteAccess.WRITEONCE)
2011-03-22 23:02:06 +01:00
protected Pac pac;
protected DatabaseUser() {
}
protected DatabaseUser(String instance, Pac pac, String name,
String password) {
this.instance = instance;
this.pac = pac;
this.name = name;
this.password = password;
}
@Override
public void initialize(EntityManager em, UnixUser loginUser) {
pac = loginUser.getPac(); // a default useful for the pac admin
}
public void complete(EntityManager em, UnixUser loginUser) {
if (pac == null && name != null && name.length() > 0) {
// TODO: it's ugly having this code here, needs refactoring
String pacName = name.substring(0, 5);
try {
// get the entities name (query part from FROM to WHERE)
javax.persistence.Entity entityAnnot = Pac.class
.getAnnotation(javax.persistence.Entity.class);
2011-04-01 18:53:37 +02:00
String queryString = "SELECT obj FROM " + entityAnnot.name() + " obj WHERE "
2011-03-22 23:02:06 +01:00
+ Pac.createQueryFromStringKey(pacName);
// set parameters
Query query = em.createQuery(queryString);
2011-08-12 17:58:20 +02:00
AbstractModuleImpl.setQueryParameter(query, queryString, "loginUser", loginUser);
AbstractModuleImpl.setQueryParameter(query, queryString, "loginUserName", loginUser.getName());
AbstractModuleImpl.setQueryParameter(query, queryString, "loginUserPac", loginUser.getPac());
2011-03-22 23:02:06 +01:00
pac = (Pac) query.getSingleResult();
} catch (NoResultException exc) {
throw new SecurityException("packet '" + pacName
+ "' not found or access denied");
}
}
}
@Override
public String createStringKey() {
return getName();
}
@Override
public long id() {
return id;
}
public long getId() {
return id;
}
protected void setId(long id) {
this.id = id;
}
public String getInstance() {
return instance;
}
public void setInstance(String instance) {
this.instance = instance;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public Pac getPac() {
return pac;
}
public void setPac(Pac pac) {
this.pac = pac;
}
@Override
public boolean isNew() {
return id == 0;
}
@Override
public DatabaseUser merge(EntityManager em, UnixUser loginUser) {
DatabaseUser dbEntity = (DatabaseUser) super.merge(em, loginUser);
dbEntity.setPassword(this.getPassword());
return dbEntity;
}
@Override
public String getHiveName() {
if (isNew())
return null;
else
return getPac().getHiveName();
}
@Override
public UnixUser owningUser(EntityManager em) {
return getPac().owningUser(em);
}
/**
* determines whether the given user has full read access on all merged
* fields of this entity
*/
@Override
public boolean isReadAllowedFor(UnixUser loginUser) {
return loginUser.hasPacAdminRoleFor(getPac());
}
/**
* determines whether the given user has full write access on all merged
* fields of this entity
*/
@Override
public boolean isWriteAllowedFor(UnixUser loginUser) {
String pacName = pac.getName();
if (!name.equals(pacName) && !name.startsWith(pacName + "_"))
return false;
return loginUser.hasPacAdminRoleFor(getPac());
}
/**
* query restriction for access control
*/
public static String restriction() {
return
// all databases of all pacs of customer
2011-04-01 18:53:37 +02:00
"obj.pac.customer.name=:loginUserName OR " +
2011-03-22 23:02:06 +01:00
// all aliases of packet admin
2011-04-01 18:53:37 +02:00
"obj.pac.name=:loginUserName";
2011-03-22 23:02:06 +01:00
}
}