hs.hsadmin/hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java

225 lines
7.9 KiB
Java
Raw Normal View History

2010-10-05 21:42:07 +02:00
package de.hsadmin.mods.dom;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity;
2010-10-05 21:42:07 +02:00
import de.hsadmin.core.model.AbstractModuleImpl;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.util.DNSCheck;
import de.hsadmin.mods.dom.Domain.Status;
import de.hsadmin.mods.email.EMailAddress;
import de.hsadmin.mods.pac.Pac;
import de.hsadmin.mods.user.UnixUser;
public class DomainModuleImpl extends AbstractModuleImpl {
@Override
public AbstractEntity initialize(AbstractEntity newEntity) throws AuthorisationException {
AbstractEntity newDom = super.initialize(newEntity);
if (newDom instanceof Domain) {
((Domain) newDom).setUser(getTransaction().getLoginUser());
2010-10-05 21:42:07 +02:00
return newDom;
}
return null;
}
@Override
public AbstractEntity find(Class<? extends AbstractEntity> entityClass, Object key) throws HSAdminException {
// do query
AbstractEntity res = super.find(entityClass, key);
// check access rights
needsReadAccessOn(res, "find");
// return clean result
return res;
}
@Override
public AbstractEntity findByString(Class<? extends AbstractEntity> entityClass, String key)
throws HSAdminException {
// do query
AbstractEntity res = super.findByString(entityClass, key);
// check access rights
if (res != null)
needsReadAccessOn(res, "findByString");
// return clean result
return res;
}
@Override
public List<AbstractEntity> search(Class<? extends AbstractEntity> entityClass, String condition, String orderBy) throws HSAdminException {
// do query
if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.name ASC";
}
List<AbstractEntity> res = super.search(entityClass, condition, orderBy);
List<AbstractEntity> ret = new LinkedList<AbstractEntity>();
// remove entities where login user has no access rights
for (AbstractEntity entity : res) {
try {
needsReadAccessOn(entity, "search");
ret.add(entity);
} catch (AuthorisationException exc) {
} // ignore
}
// return clean result
return ret;
}
@Override
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
Domain dom = (Domain) newEntity;
Date now = new Date();
dom.setFiled(now);
dom.setStatus(Status.SELF);
dom.setStatusChanged(now);
2011-08-29 16:09:20 +02:00
dom.setDnsMaster("dns.hostsharing.net");
2010-10-05 21:42:07 +02:00
if (dom.getName() == null || dom.getName().length() == 0) {
throw new HSAdminException("domain name required");
}
UnixUser admin = dom.getUser();
if (admin == null || admin.getName() == null || admin.getName().length() == 0) {
throw new HSAdminException("domain admin required");
}
EntityManager em = getTransaction().getEntityManager();
UnixUser loginUser = getTransaction().getLoginUser();
2011-07-14 19:42:33 +02:00
if (!loginUser.hasHostmasterRole()) {
// search for domains superior to dom
Query domainQuery = em.createQuery("SELECT d FROM Domains d WHERE d.name = :domainName");
String superior = dom.getName();
while (superior.contains(".")) {
superior = superior.substring(superior.indexOf('.') + 1);
2011-10-21 16:10:41 +02:00
if (dom.isPacDomain()) {
2010-10-05 21:42:07 +02:00
break;
2011-07-14 19:42:33 +02:00
}
domainQuery.setParameter("domainName", superior);
List<?> resultList = domainQuery.getResultList();
if (resultList.size() > 0) {
Domain superDom = (Domain) resultList.get(0);
if (superDom.isPacDomain()) {
throw new HSAdminException("subdomains to pacdomain " + superDom.getName() + " are not allowed");
}
2011-07-14 19:42:33 +02:00
if (loginUser.hasPacAdminRoleFor(superDom.getUser().getPac())) {
break; // same pac
}
if (loginUser.hasCustomerRoleFor(superDom.getUser().getPac().getCustomer())) {
break; // same customer
}
DNSCheck dnsCheck = new DNSCheck(dom.getDnsMaster());
if (dnsCheck.checkDomain(dom.getName())) {
break;
} else {
throw new AuthorisationException(loginUser, "add", dom);
2011-07-14 19:42:33 +02:00
}
2010-10-05 21:42:07 +02:00
}
}
}
Query adminQuery = em.createQuery("SELECT u FROM UnixUsers u WHERE u.name = :adminName");
adminQuery.setParameter("adminName", admin.getName());
dom.setUser((UnixUser) adminQuery.getSingleResult());
needsWriteAccessOn(newEntity, "add");
// Entity addedEntity = super.add(dom);
// Domain addedDomain = (Domain) addedEntity;
em.persist(dom);
String[] emailAddresses = new String[] { "abuse", "postmaster", "webmaster" };
for (String emailLocalpart : emailAddresses) {
EMailAddress eMailAddress = new EMailAddress(emailLocalpart, "", dom, admin.getName());
em.persist(eMailAddress);
}
return super.add(dom);
}
@Override
public AbstractEntity update(AbstractEntity existingEntity) throws HSAdminException {
Domain dom = (Domain) existingEntity;
2011-10-21 16:10:41 +02:00
UnixUser loginUser = getTransaction().getLoginUser();
if (dom.isPacDomain() && !loginUser.hasHostmasterRole()) {
throw new AuthorisationException(loginUser, "update", existingEntity);
}
2010-10-05 21:42:07 +02:00
if (dom.getName() == null || dom.getName().length() == 0) {
throw new HSAdminException("domain name required");
}
UnixUser admin = dom.getUser();
if (admin == null || admin.getName() == null || admin.getName().length() == 0) {
throw new HSAdminException("domain admin required");
}
if (admin.getPac() == null) {
EntityManager em = getTransaction().getEntityManager();
Query query = em.createQuery("SELECT u FROM UnixUsers u WHERE u.name = :adminName");
query.setParameter("adminName", admin.getName());
dom.setUser((UnixUser) query.getSingleResult());
}
needsWriteAccessOn(existingEntity, "update");
2011-10-21 16:10:41 +02:00
throw new AuthorisationException(loginUser, "update", existingEntity);
2010-10-05 21:42:07 +02:00
}
@Override
public void delete(AbstractEntity existingEntity) throws HSAdminException {
needsWriteAccessOn(existingEntity, "delete");
Domain dom = (Domain) existingEntity;
EntityManager em = getTransaction().getEntityManager();
Query query = em.createQuery("SELECT adr FROM " + EMailAddress.class.getAnnotation(javax.persistence.Entity.class).name()
+ " adr WHERE adr.domain.name='" + dom.getName() + "'");
List<?> resultList = query.getResultList();
for (Object obj : resultList) {
EMailAddress eMailAddress = (EMailAddress) obj;
em.remove(eMailAddress);
}
super.delete(existingEntity);
}
private void needsReadAccessOn(AbstractEntity ent, String method) throws AuthorisationException {
UnixUser loginUser = getTransaction().getLoginUser();
2010-10-05 21:42:07 +02:00
if (ent instanceof Domain) {
Domain dom = (Domain) ent;
String aLoginUserName = loginUser.getName();
2010-10-05 21:42:07 +02:00
UnixUser domUser = dom.getUser();
Pac domPac = domUser.getPac();
boolean isDomAdmin = aLoginUserName.equals(domUser.getName());
boolean isPacAdmin = aLoginUserName.equals(domPac.getName());
boolean isCustomer = aLoginUserName.equals(domPac.getCustomer().getName());
boolean isHostmaster = loginUser.hasHostmasterRole();
2010-10-05 21:42:07 +02:00
if (!isDomAdmin && !isPacAdmin && !isCustomer && !isHostmaster) {
throw new AuthorisationException(loginUser, method, dom);
2010-10-05 21:42:07 +02:00
}
} else {
throw new AuthorisationException(loginUser, method, ent);
2010-10-05 21:42:07 +02:00
}
}
2011-10-28 15:28:19 +02:00
private void needsWriteAccessOn(AbstractEntity entity, String method) throws AuthorisationException {
UnixUser loginUser = getTransaction().getLoginUser();
2011-10-28 15:28:19 +02:00
if (entity instanceof Domain) {
Domain dom = (Domain) entity;
2011-07-14 19:42:33 +02:00
String aLoginUserName = loginUser.getName();
2010-10-05 21:42:07 +02:00
UnixUser domUser = dom.getUser();
Pac domPac = domUser.getPac();
2011-07-14 19:42:33 +02:00
boolean isPacAdmin = loginUser.hasPacAdminRoleFor(domPac);
2010-10-05 21:42:07 +02:00
boolean isCustomer = aLoginUserName.equals(domPac.getCustomer().getName());
2011-07-14 19:42:33 +02:00
boolean isHostmaster = loginUser.hasHostmasterRole();
2011-10-28 15:28:19 +02:00
if (!isPacAdmin && !isCustomer && !isHostmaster) {
throw new AuthorisationException(loginUser, method, dom);
}
if (dom.isPacDomain() && !isHostmaster && !"add".equals(method)) {
2011-07-14 19:42:33 +02:00
throw new AuthorisationException(loginUser, method, dom);
2011-10-28 15:28:19 +02:00
}
2010-10-05 21:42:07 +02:00
} else {
2011-10-28 15:28:19 +02:00
throw new AuthorisationException(loginUser, method, entity);
2010-10-05 21:42:07 +02:00
}
}
}