hostsharing/hs.hsadmin
8
1
Fork 0
Code Pull Requests Activity

EMailAddressModule working

Browse Source
This commit is contained in:
Peter Hormanns 2013-07-01 19:15:50 +02:00
parent 7c7404e380
commit 2d4bb80ac6
10 changed files with 564 additions and 440 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
hsarback/src/de/hsadmin/core/model/QueueManager.java
View File

@ -1,48 +1,65 @@
package de.hsadmin.core.model; package de.hsadmin.core.model;
import java.util.ArrayList; import java.util.Properties;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.ejb.LocalBean; import javax.ejb.LocalBean;
import javax.ejb.Stateless; import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import javax.jms.JMSException;
import javax.jms.Queue;
import javax.jms.QueueConnectionFactory;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import de.hsadmin.core.qserv.ProcessorException;
import de.hsadmin.core.qserv.QueueClient;
import de.hsadmin.core.qserv.QueueTask; import de.hsadmin.core.qserv.QueueTask;
@Stateless @Stateless
@LocalBean @LocalBean
public class QueueManager implements QueueManagerLocal { public class QueueManager implements QueueManagerLocal {
private final Map<String, QueueTaskStore> taskStores; @Resource
private QueueConnectionFactory connectionFactory;
public QueueManager() { public QueueManager() {
taskStores = new HashMap<String, QueueManager.QueueTaskStore>();
} }
@Override @Override
@TransactionAttribute(TransactionAttributeType.MANDATORY)
public void enqueue(String hiveName, QueueTask task) { public void enqueue(String hiveName, QueueTask task) {
QueueTaskStore taskStore = taskStores.get(hiveName); try {
if (taskStore == null) { Queue queue = findHiveQueue(hiveName);
taskStore = new QueueTaskStore(); QueueClient queueClient = new QueueClient(connectionFactory, queue);
taskStores.put(hiveName, taskStore); queueClient.send(task);
queueClient.close();
} catch (JMSException e) {
throw new TechnicalException(e);
} catch (ProcessorException e) {
throw new TechnicalException(e);
} }
taskStore.add(task);
} }
class QueueTaskStore { private Queue findHiveQueue(String hiveName) {
private List<QueueTask> taskList; Queue queue = null;
QueueTaskStore() { Properties props = new Properties();
taskList = new ArrayList<QueueTask>(); props.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.openejb.core.LocalInitialContextFactory");
Context ctx = null;
try {
ctx = new InitialContext(props);
Context env = (Context) ctx.lookup("java:comp/env");
queue = (Queue) env.lookup("jms/hsadminSystem-" + hiveName);
env.close();
return queue;
} catch (NamingException e) {
throw new TechnicalException(e);
} finally {
if (ctx != null) {
try { ctx.close(); } catch (NamingException e) { }
} }
public void clear() {
taskList = new ArrayList<QueueTask>();
}
void add(QueueTask t) {
taskList.add(t);
}
Iterable<QueueTask> getTasks() {
return taskList;
} }
} }

231
hsarback/src/de/hsadmin/mods/email/AbstractStateless.java Normal file
View File

@ -0,0 +1,231 @@
package de.hsadmin.mods.email;
import java.lang.reflect.Method;
import java.util.LinkedList;
import java.util.List;
import javax.ejb.EJB;
import javax.persistence.Entity;
import javax.persistence.EntityManager;
import javax.persistence.NonUniqueResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module;
import de.hsadmin.core.model.QueueManager;
import de.hsadmin.core.qserv.EntityProcessorFactory;
import de.hsadmin.core.qserv.NullProcessor;
import de.hsadmin.core.qserv.Processor;
import de.hsadmin.core.qserv.QueueTask;
import de.hsadmin.mods.user.UnixUser;
public abstract class AbstractStateless implements Module {
@PersistenceContext(name = "hsar")
protected EntityManager entityManager;
@EJB
private QueueManager queueManager;
public List<AbstractEntity> search(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, String condition, String orderBy) throws HSAdminException {
if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.name ASC";
}
UnixUser loginUser = session.getLoginUser();
condition = restrict(entityClass, loginUser, condition);
Entity entityAnnot = entityClass.getAnnotation(Entity.class);
String queryString = "SELECT obj FROM " + entityAnnot.name() + " obj";
if (condition != null && condition.length() > 0) {
queryString += " WHERE " + condition;
}
if (condition != null && condition.contains("AND (FALSE)")) {
return new LinkedList<AbstractEntity>();
}
if (orderBy != null) {
queryString += " ";
queryString += orderBy;
}
entityManager.clear();
Query query = entityManager.createQuery(queryString);
setQueryParameter(query, queryString, "loginUser", loginUser);
setQueryParameter(query, queryString, "loginUserName", loginUser.getName());
setQueryParameter(query, queryString, "loginUserPac", loginUser.getPac());
try {
List<?> res = query.getResultList();
List<AbstractEntity> ret = new LinkedList<AbstractEntity>();
// remove entities where login user has no access rights
for (Object entity : res) {
if (entity instanceof AbstractEntity) {
AbstractEntity returnedEntity = (AbstractEntity) entity;
if (returnedEntity.isReadAllowedFor(session.getLoginUser())) {
ret.add(returnedEntity);
}
}
}
return ret;
} catch (Exception ex) {
throw new HSAdminException(ex);
}
}
public AbstractEntity initialize(LoginSessionLocal session,
AbstractEntity newEntity) throws HSAdminException {
newEntity.initialize(entityManager, session.getLoginUser());
return newEntity;
}
public AbstractEntity add(LoginSessionLocal session, AbstractEntity newEntity) throws HSAdminException {
UnixUser loginUser1 = session.getLoginUser();
newEntity.complete(entityManager, loginUser1);
entityManager.persist(newEntity);
if (!newEntity.isWriteAllowedFor(loginUser1)) {
throw new AuthorisationException(loginUser1, "add", newEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(newEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createCreateProcessor(entityManager, newEntity);
queueProcessor(proc, loginUser1, newEntity, "hinzugefuegt");
}
return newEntity;
}
public AbstractEntity update(LoginSessionLocal session, AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = existingEntity.merge(entityManager, loginUser);
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "update", existingEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createUpdateProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "aktualisiert");
}
return existingEntity;
}
public void delete(LoginSessionLocal session, AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = entityManager.find(existingEntity.getClass(), existingEntity.id());
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", existingEntity);
}
entityManager.remove(existingEntity);
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createDeleteProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "geloescht");
}
}
public void detach(AbstractEntity attached) {
entityManager.detach(attached);
}
public AbstractEntity find(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, Object key)
throws HSAdminException {
AbstractEntity entity = entityManager.find(entityClass, key);
UnixUser loginUser = session.getLoginUser();
if (!entity.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", entity);
}
return entity;
}
public AbstractEntity findByString(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, String key)
throws HSAdminException {
Method method = null;
try {
method = entityClass.getDeclaredMethod("createQueryFromStringKey", String.class);
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (NoSuchMethodException e) {
method = null;
}
AbstractEntity entity = null;
if (method == null) {
entity = entityManager.find(entityClass, key);
} else {
String query = null;
try {
query = (String) method.invoke(null, key);
} catch (Exception e) {
throw new HSAdminException(e);
}
List<AbstractEntity> result = search(session, entityClass, query, null);
if (result.size() > 1) {
throw new NonUniqueResultException();
}
if (result.size() == 0) {
return null;
}
entity = result.get(0);
}
return entity;
}
protected void setQueryParameter(Query query, String queryString, String argName, Object argValue) {
int argLen = argName.length();
int iMax = queryString.length();
int i = 0;
while ((i = queryString.indexOf(argName, i)) >= 0) {
if ((i + argLen) >= iMax || queryString.charAt(i + argLen) < 'A') {
query.setParameter(argName, argValue);
break;
}
++i;
}
}
protected EntityProcessorFactory createProcessorFactory(Class<? extends AbstractEntity> entityClass)
throws HSAdminException {
String procFactName = entityClass.getCanonicalName() + "ProcessorFactory";
Class<?> procFactClass = null;
EntityProcessorFactory procFact = null;
try {
procFactClass = Class.forName(procFactName);
if (procFactClass != null) {
procFact = (EntityProcessorFactory) procFactClass.newInstance();
}
} catch (ClassNotFoundException e) {
// no processor defined
} catch (InstantiationException e) {
throw new HSAdminException(e);
} catch (IllegalAccessException e) {
throw new HSAdminException(e);
}
return procFact;
}
protected void queueProcessor(Processor proc, UnixUser user, AbstractEntity entity,
String action) {
if (proc == null || proc instanceof NullProcessor) {
return;
}
Entity entityInfo = entity.getClass().getAnnotation(Entity.class);
String entityTypeName = entityInfo != null ? entityInfo.name() : entity.getClass().getSimpleName();
StringBuilder details = new StringBuilder();
String title = entityTypeName + " (" + entity.createStringKey() + ") " + action;
QueueTask task = new QueueTask(user, title, details.toString(), proc);
entityManager.persist(task);
queueManager.enqueue(entity.getHiveName(), task);
}
/**
* apply access restriction to JPA-QL condition.
*/
protected String restrict(Class<?> entityClass, UnixUser loginUser, String condition) {
String restriction = AbstractEntity.restriction(entityClass, loginUser);
if (restriction == null)
return condition;
if (condition != null && condition.length() > 0)
condition = "(" + condition + ") AND (" + restriction + ")";
else
condition = restriction;
return condition;
}
}

48
hsarback/src/de/hsadmin/mods/email/EMailAddressModuleImpl.java
View File

@ -2,35 +2,38 @@ package de.hsadmin.mods.email;
import java.util.List; import java.util.List;
import javax.persistence.EntityManager; import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import javax.persistence.Query; import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AbstractModuleImpl;
import de.hsadmin.core.model.AuthorisationException; import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException; import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.Transaction; import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module;
import de.hsadmin.hostsharing.BasePacType; import de.hsadmin.hostsharing.BasePacType;
import de.hsadmin.hostsharing.MultiOption;
import de.hsadmin.mods.dom.Domain; import de.hsadmin.mods.dom.Domain;
import de.hsadmin.mods.user.UnixUser; import de.hsadmin.mods.user.UnixUser;
public class EMailAddressModuleImpl extends AbstractModuleImpl { @Stateless(name="EMailAddressModule")
@LocalBean
private static final int EMAIL_PER_MULTI_OPTION = 250; public class EMailAddressModuleImpl extends AbstractStateless implements Module {
@Override @Override
public List<AbstractEntity> search(Class<? extends AbstractEntity> entityClass, public List<AbstractEntity> search(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass,
String condition, String orderBy) throws HSAdminException { String condition, String orderBy) throws HSAdminException {
if (orderBy == null || orderBy.length() == 0) { if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.domain.name ASC, obj.subdomain ASC, obj.localpart ASC"; orderBy = "ORDER BY obj.domain.name ASC, obj.subdomain ASC, obj.localpart ASC";
} }
return super.search(entityClass, condition, orderBy); return super.search(session, entityClass, condition, orderBy);
} }
@Override @Override
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException { @TransactionAttribute(TransactionAttributeType.REQUIRED)
Transaction tx = getTransaction(); public AbstractEntity add(LoginSessionLocal session, AbstractEntity newEntity) throws HSAdminException {
EntityManager em = tx.getEntityManager();
EMailAddress adr = (EMailAddress) newEntity; EMailAddress adr = (EMailAddress) newEntity;
if (adr.getTarget() == null || adr.getTarget().length() == 0) { if (adr.getTarget() == null || adr.getTarget().length() == 0) {
throw new HSAdminException("target required"); throw new HSAdminException("target required");
@ -46,11 +49,11 @@ public class EMailAddressModuleImpl extends AbstractModuleImpl {
|| adr.getDomain().getName().length() == 0) { || adr.getDomain().getName().length() == 0) {
throw new HSAdminException("domain required"); throw new HSAdminException("domain required");
} }
Query qDomain = em.createQuery("SELECT d FROM Domains d WHERE d.name = :domName"); Query qDomain = entityManager.createQuery("SELECT d FROM Domains d WHERE d.name = :domName");
qDomain.setParameter("domName", adr.getDomain().getName()); qDomain.setParameter("domName", adr.getDomain().getName());
Domain dom = (Domain) qDomain.getSingleResult(); Domain dom = (Domain) qDomain.getSingleResult();
adr.setDomain(dom); adr.setDomain(dom);
UnixUser loginUser = tx.getLoginUser(); UnixUser loginUser = session.getLoginUser();
if (dom.isPacDomain() && !loginUser.hasHostmasterRole()) { if (dom.isPacDomain() && !loginUser.hasHostmasterRole()) {
throw new AuthorisationException(loginUser, "add", adr); throw new AuthorisationException(loginUser, "add", adr);
} }
@ -60,23 +63,22 @@ public class EMailAddressModuleImpl extends AbstractModuleImpl {
throw new HSAdminException("not allowed for this packet type"); throw new HSAdminException("not allowed for this packet type");
} }
//TODO: Needs better implementation //TODO: Needs better implementation
Query qEmailAliases = em.createQuery("SELECT obj FROM EMailAliases obj WHERE obj.pac.id = :pacId"); Query qEmailAliases = entityManager.createQuery("SELECT obj FROM EMailAliases obj WHERE obj.pac.id = :pacId");
qEmailAliases.setParameter("pacId", dom.getUser().getPac().getId()); qEmailAliases.setParameter("pacId", dom.getUser().getPac().getId());
Query qEmailAddresses = em.createQuery("SELECT obj FROM EMailAddresses obj WHERE obj.domain.user.pac.id = :pacId"); Query qEmailAddresses = entityManager.createQuery("SELECT obj FROM EMailAddresses obj WHERE obj.domain.user.pac.id = :pacId");
qEmailAddresses.setParameter("pacId", dom.getUser().getPac().getId()); qEmailAddresses.setParameter("pacId", dom.getUser().getPac().getId());
if (qEmailAliases.getResultList().size() + qEmailAddresses.getResultList().size() >= EMAIL_PER_MULTI_OPTION * dom.getUser().getPac().getQuantityByComponentName("MULTI")) { if (qEmailAliases.getResultList().size() + qEmailAddresses.getResultList().size() >= MultiOption.EMAIL_ITEMS_PER_OPTION * dom.getUser().getPac().getQuantityByComponentName("MULTI")) {
throw new HSAdminException("included email addresses/aliases exceeded"); throw new HSAdminException("included email addresses/aliases exceeded");
} }
return super.add(newEntity); return super.add(session, newEntity);
} }
@Override @Override
public AbstractEntity update(AbstractEntity existingEntity) throws HSAdminException { @TransactionAttribute(TransactionAttributeType.REQUIRED)
Transaction transaction = getTransaction(); public AbstractEntity update(LoginSessionLocal session, AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = transaction.getLoginUser(); UnixUser loginUser = session.getLoginUser();
EMailAddress detachedAddr = (EMailAddress) existingEntity; EMailAddress detachedAddr = (EMailAddress) existingEntity;
EntityManager em = transaction.getEntityManager(); EMailAddress attachedAddr = entityManager.find(EMailAddress.class, detachedAddr.getId());
EMailAddress attachedAddr = em.find(EMailAddress.class, detachedAddr.getId());
String domain = detachedAddr.getDomain().getName(); String domain = detachedAddr.getDomain().getName();
if (domain != null && !domain.equals(attachedAddr.getDomain().getName())) { if (domain != null && !domain.equals(attachedAddr.getDomain().getName())) {
detachedAddr.setDomain(attachedAddr.getDomain()); detachedAddr.setDomain(attachedAddr.getDomain());
@ -97,7 +99,7 @@ public class EMailAddressModuleImpl extends AbstractModuleImpl {
throw new HSAdminException("target required"); throw new HSAdminException("target required");
} }
attachedAddr.setTarget(target); attachedAddr.setTarget(target);
return super.update(attachedAddr); return super.update(session, attachedAddr);
} }
} }

8
hsarback/src/de/hsadmin/mods/email/EMailAlias.java
View File

@ -25,15 +25,11 @@ import de.hsadmin.core.model.SearchFilter;
import de.hsadmin.mods.pac.Pac; import de.hsadmin.mods.pac.Pac;
import de.hsadmin.mods.user.UnixUser; import de.hsadmin.mods.user.UnixUser;
/** @Entity(name = "EMailAliases")
* Entity class for email aliases.
*
*/
@javax.persistence.Entity(name = "EMailAliases")
@Table(name = "emailalias") @Table(name = "emailalias")
@SequenceGenerator(name = "EMailAliasesSeqGen", sequenceName = "emailalias_emailalias_id_seq") @SequenceGenerator(name = "EMailAliasesSeqGen", sequenceName = "emailalias_emailalias_id_seq")
@SearchFilter("obj.pac = :loginUserPac OR obj.pac.customer.name = :loginUserName") @SearchFilter("obj.pac = :loginUserPac OR obj.pac.customer.name = :loginUserName")
@AnnModuleImpl(de.hsadmin.mods.email.EMailAliasModuleImpl.class) @AnnModuleImpl(EMailAliasModuleImpl.class)
public class EMailAlias extends AbstractEntity implements Serializable { public class EMailAlias extends AbstractEntity implements Serializable {
private static final long serialVersionUID = -4711415079723587161L; private static final long serialVersionUID = -4711415079723587161L;

245
hsarback/src/de/hsadmin/mods/email/EMailAliasModuleImpl.java
View File

@ -1,16 +1,9 @@
package de.hsadmin.mods.email; package de.hsadmin.mods.email;
import java.lang.reflect.Method;
import java.util.LinkedList;
import java.util.List;
import javax.ejb.EJB;
import javax.ejb.LocalBean; import javax.ejb.LocalBean;
import javax.ejb.Stateless; import javax.ejb.Stateless;
import javax.persistence.Entity; import javax.ejb.TransactionAttribute;
import javax.persistence.EntityManager; import javax.ejb.TransactionAttributeType;
import javax.persistence.NonUniqueResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query; import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractEntity;
@ -18,11 +11,6 @@ import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException; import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.LoginSessionLocal; import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module; import de.hsadmin.core.model.Module;
import de.hsadmin.core.model.QueueManager;
import de.hsadmin.core.qserv.EntityProcessorFactory;
import de.hsadmin.core.qserv.NullProcessor;
import de.hsadmin.core.qserv.Processor;
import de.hsadmin.core.qserv.QueueTask;
import de.hsadmin.hostsharing.BasePacType; import de.hsadmin.hostsharing.BasePacType;
import de.hsadmin.hostsharing.MultiOption; import de.hsadmin.hostsharing.MultiOption;
import de.hsadmin.mods.pac.Pac; import de.hsadmin.mods.pac.Pac;
@ -30,187 +18,10 @@ import de.hsadmin.mods.user.UnixUser;
@Stateless(name="EMailAliasModule") @Stateless(name="EMailAliasModule")
@LocalBean @LocalBean
public class EMailAliasModuleImpl implements Module { public class EMailAliasModuleImpl extends AbstractStateless implements Module {
@PersistenceContext(name="hsar")
private EntityManager entityManager;
@EJB
private QueueManager queueManager;
public void detach(AbstractEntity attached) {
entityManager.detach(attached);
}
protected EntityProcessorFactory createProcessorFactory(Class<? extends AbstractEntity> entityClass)
throws HSAdminException {
String procFactName = entityClass.getCanonicalName() + "ProcessorFactory";
Class<?> procFactClass = null;
EntityProcessorFactory procFact = null;
try {
procFactClass = Class.forName(procFactName);
if (procFactClass != null) {
procFact = (EntityProcessorFactory) procFactClass.newInstance();
}
} catch (ClassNotFoundException e) {
// no processor defined
} catch (InstantiationException e) {
throw new HSAdminException(e);
} catch (IllegalAccessException e) {
throw new HSAdminException(e);
}
return procFact;
}
protected void queueProcessor(Processor proc, UnixUser user, AbstractEntity entity, String action) {
if (proc == null || proc instanceof NullProcessor) {
return;
}
Entity entityInfo = entity.getClass().getAnnotation(Entity.class);
String entityTypeName = entityInfo != null ? entityInfo.name() : entity.getClass().getSimpleName();
StringBuilder details = new StringBuilder();
String title = entityTypeName + " (" + entity.createStringKey() + ") " + action;
QueueTask task = new QueueTask(user, title, details.toString(), proc);
entityManager.persist(task);
queueManager.enqueue(entity.getHiveName(), task);
}
public String toString(StackTraceElement[] stackTrace) {
StringBuilder stack = new StringBuilder();
for (StackTraceElement e : stackTrace) {
stack.append(e.getFileName() + ":" + e.getLineNumber() + "\n");
}
return stack.toString();
}
/**
* apply access restriction to JPA-QL condition.
*/
private String restrict(Class<?> entityClass, UnixUser loginUser, String condition) {
String restriction = AbstractEntity.restriction(entityClass, loginUser);
if (restriction == null)
return condition;
if (condition != null && condition.length() > 0)
condition = "(" + condition + ") AND (" + restriction + ")";
else
condition = restriction;
return condition;
}
public static void setQueryParameter(Query query, String queryString,
String argName, Object argValue) {
int argLen = argName.length();
int iMax = queryString.length();
int i = 0;
while ((i = queryString.indexOf(argName, i)) >= 0) {
if ((i + argLen) >= iMax || queryString.charAt(i + argLen) < 'A') {
query.setParameter(argName, argValue);
break;
}
++i;
}
}
@Override
public AbstractEntity initialize(LoginSessionLocal session,
AbstractEntity newEntity) throws HSAdminException {
newEntity.initialize(entityManager, session.getLoginUser());
return newEntity;
}
@Override
public AbstractEntity find(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, Object key)
throws HSAdminException {
AbstractEntity entity = entityManager.find(entityClass, key);
UnixUser loginUser = session.getLoginUser();
if (!entity.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", entity);
}
return entity;
}
@Override
public AbstractEntity findByString(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, String key)
throws HSAdminException {
Method method = null;
try {
method = entityClass.getDeclaredMethod("createQueryFromStringKey", String.class);
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (NoSuchMethodException e) {
method = null;
}
AbstractEntity entity = null;
if (method == null) {
entity = entityManager.find(entityClass, key);
}
else {
String query = null;
try {
query = (String) method.invoke(null, key);
} catch (Exception e) {
throw new HSAdminException(e);
}
List<AbstractEntity> result = search(session, entityClass, query, null);
if (result.size() > 1) throw new NonUniqueResultException();
if (result.size() == 0) return null;
entity = result.get(0);
}
return entity;
}
@Override
public List<AbstractEntity> search(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, String condition,
String orderBy) throws HSAdminException {
if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.name ASC";
}
UnixUser loginUser = session.getLoginUser();
condition = restrict(entityClass, loginUser, condition);
Entity entityAnnot = entityClass.getAnnotation(Entity.class);
String queryString = "SELECT obj FROM " + entityAnnot.name() + " obj";
if (condition != null && condition.length() > 0) {
queryString += " WHERE " + condition;
}
if (condition != null && condition.contains("AND (FALSE)")) {
return new LinkedList<AbstractEntity>();
}
if (orderBy != null) {
queryString += " ";
queryString += orderBy;
}
entityManager.clear();
Query query = entityManager.createQuery(queryString);
setQueryParameter(query, queryString, "loginUser", loginUser);
setQueryParameter(query, queryString, "loginUserName", loginUser.getName());
setQueryParameter(query, queryString, "loginUserPac", loginUser.getPac());
try {
List<?> res = query.getResultList();
List<AbstractEntity> ret = new LinkedList<AbstractEntity>();
// remove entities where login user has no access rights
for (Object entity : res) {
if (entity instanceof AbstractEntity) {
AbstractEntity returnedEntity = (AbstractEntity) entity;
if (returnedEntity.isReadAllowedFor(session.getLoginUser())) {
ret.add(returnedEntity);
}
}
}
return ret;
} catch (Exception ex) {
throw new HSAdminException(ex);
}
}
@Override @Override
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public AbstractEntity add(LoginSessionLocal session, public AbstractEntity add(LoginSessionLocal session,
AbstractEntity newEntity) throws HSAdminException { AbstractEntity newEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser(); UnixUser loginUser = session.getLoginUser();
@ -243,53 +54,7 @@ public class EMailAliasModuleImpl implements Module {
throw new HSAdminException("included email addresses/aliases exceeded"); throw new HSAdminException("included email addresses/aliases exceeded");
} }
alias.setPac(pac); alias.setPac(pac);
UnixUser loginUser1 = session.getLoginUser(); return super.add(session, newEntity);
newEntity.complete(entityManager, loginUser1);
entityManager.persist(newEntity);
if (!newEntity.isWriteAllowedFor(loginUser1)) {
throw new AuthorisationException(loginUser1, "add", newEntity);
} }
EntityProcessorFactory procFact = createProcessorFactory(newEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createCreateProcessor(entityManager, newEntity);
queueProcessor(proc, loginUser1, newEntity, "hinzugefuegt");
}
return newEntity;
}
@Override
public AbstractEntity update(LoginSessionLocal session,
AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = existingEntity.merge(entityManager, loginUser);
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "update", existingEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createUpdateProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "aktualisiert");
}
return existingEntity;
}
@Override
public void delete(LoginSessionLocal session, AbstractEntity existingEntity)
throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = entityManager.find(existingEntity.getClass(), existingEntity.id());
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", existingEntity);
}
entityManager.remove(existingEntity);
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createDeleteProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "geloescht");
}
}
} }

2
hsarback/src/de/hsadmin/mods/user/UnixUser.java
View File

@ -50,7 +50,7 @@ public class UnixUser extends AbstractEntity implements Serializable {
@AnnFieldIO(validation="[a-z0-9]*", rw=ReadWriteAccess.WRITEONCE) @AnnFieldIO(validation="[a-z0-9]*", rw=ReadWriteAccess.WRITEONCE)
@JoinColumn(name = "packet_id", columnDefinition = "integer", updatable=false) @JoinColumn(name = "packet_id", columnDefinition = "integer", updatable=false)
@ManyToOne(fetch = FetchType.LAZY) @ManyToOne(fetch = FetchType.EAGER)
private Pac pac; private Pac pac;
@AnnFieldIO(validation="[a-zA-Z0-9\\_\\-\\.\\,\\ ]*", rw=ReadWriteAccess.READWRITE) @AnnFieldIO(validation="[a-zA-Z0-9\\_\\-\\.\\,\\ ]*", rw=ReadWriteAccess.READWRITE)

186
hsarback/src/de/hsadmin/remote/EJBAbstractRemote.java Normal file
View File

@ -0,0 +1,186 @@
package de.hsadmin.remote;
import java.lang.reflect.Constructor;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.LoginBeanLocal;
import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module;
import de.hsadmin.mods.user.UnixUser;
public abstract class EJBAbstractRemote {
public EJBAbstractRemote() {
super();
}
public List<Map<String, Object>> search(String runAsUser, String ticket, Map<String, String> whereParams)
throws HSAdminException {
String user = runAsUser;
try {
getSession().setLoginUser(getLogin().login(user, ticket));
UnixUser unixUser = getSession().getLoginUser();
List<AbstractEntity> list = getModule().search(getSession(), getEntityClass(),
buildQueryCondition(whereParams), null);
if (list == null) {
throw new HSAdminException("result list is null, runtime-error?");
}
ArrayList<Map<String, Object>> result = new ArrayList<Map<String, Object>>();
for (AbstractEntity e : list) {
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(e, entry);
if (e.isReadAllowedFor(unixUser)) {
result.add(entry);
}
}
return result;
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
public abstract LoginSessionLocal getSession();
public abstract LoginBeanLocal getLogin();
public abstract Module getModule();
protected abstract Class<? extends AbstractEntity> getEntityClass();
protected abstract void entity2map(AbstractEntity entity, Map<String, Object> resultMap);
protected abstract void map2entity(Map<String, Object> setParams, AbstractEntity entity) throws HSAdminException;
protected abstract void regularizeKeys(Map<String, String> whereParams);
public Map<String, Object> add(String runAsUser, String ticket, Map<String, Object> setParams)
throws HSAdminException {
String user = runAsUser;
try {
getSession().setLoginUser(getLogin().login(user, ticket));
Constructor<? extends AbstractEntity> constructor =
getEntityClass().getConstructor();
AbstractEntity entity = constructor.newInstance();
getModule().initialize(getSession(), entity);
map2entity(setParams, entity);
AbstractEntity insertedEntity = getModule().add(getSession(), entity);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(insertedEntity, entry);
return entry;
} catch (Exception e) {
throw new HSAdminException(e);
}
}
public void delete(String runAsUser, String ticket, Map<String, String> whereParams)
throws HSAdminException {
String user = runAsUser;
try {
getSession().setLoginUser(getLogin().login(user, ticket));
UnixUser unixUser = getSession().getLoginUser();
String queryCondition = buildQueryCondition(whereParams);
if (queryCondition == null || queryCondition.length() == 0) {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = getModule().search(getSession(), getEntityClass(),
queryCondition, null);
for (AbstractEntity e : list) {
if (e.isWriteAllowedFor(unixUser)) {
getModule().delete(getSession(), e);
} else {
throw new AuthorisationException(unixUser, "delete", e);
}
}
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
public List<Map<String, Object>> update(String runAsUser, String ticket, Map<String, Object> setParams, Map<String, String> whereParams)
throws HSAdminException {
String user = runAsUser;
try {
getSession().setLoginUser(getLogin().login(user, ticket));
UnixUser unixUser = getSession().getLoginUser();
ArrayList<Map<String, Object>> result = new ArrayList<Map<String, Object>>();
String queryCondition = buildQueryCondition(whereParams);
if (queryCondition == null || queryCondition.length() == 0) {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = getModule().search(getSession(), getEntityClass(),
queryCondition, getOrderBy());
for (AbstractEntity update : list) {
if (update.isWriteAllowedFor(unixUser)) {
getModule().detach(update);
map2entity(setParams, update);
update = getModule().update(getSession(), update);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(update, entry);
result.add(entry);
} else {
throw new AuthorisationException(unixUser, "update", update);
}
}
return result;
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
private String buildQueryCondition(Map<String, String> whereParams) {
regularizeKeys(whereParams);
StringBuffer cond = new StringBuffer();
Iterator<String> keyIterator = whereParams.keySet().iterator();
while (keyIterator.hasNext()) {
if (cond.length() > 0) {
cond.append(" AND ");
}
String field = keyIterator.next();
String value = whereParams.get(field).replaceAll("'", "\'");
cond.append("obj.");
cond.append(field);
cond.append(" = ");
boolean numeric = "id".equals(field);
if (!numeric) cond.append("'");
cond.append(value);
if (!numeric) cond.append("'");
}
return cond.toString();
}
protected boolean assertNotNull(String string) {
return string != null && string.length() > 0;
}
protected boolean assertNotNull(Integer integ) {
return integ != null;
}
protected void replaceKey(Map<String, String> whereParams, String shortKey, String regularKey) {
if (whereParams.containsKey(shortKey)) {
String value = whereParams.get(shortKey);
whereParams.remove(shortKey);
whereParams.put(regularKey, value);
}
}
protected String getOrderBy() {
return "ORDER BY obj.name ASC";
}
}

50
hsarback/src/de/hsadmin/remote/EMailAddressRemote.java
View File

@ -3,17 +3,47 @@ package de.hsadmin.remote;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.Transaction; import de.hsadmin.core.model.LoginBeanLocal;
import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module;
import de.hsadmin.core.model.TechnicalException;
import de.hsadmin.mods.dom.Domain; import de.hsadmin.mods.dom.Domain;
import de.hsadmin.mods.email.EMailAddress; import de.hsadmin.mods.email.EMailAddress;
public class EMailAddressRemote extends AbstractRemote { public class EMailAddressRemote extends EJBAbstractRemote {
private LoginBeanLocal login;
private LoginSessionLocal session;
private Module module;
public EMailAddressRemote() {
Properties props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.openejb.core.LocalInitialContextFactory");
Context ctx = null;
try {
ctx = new InitialContext(props);
session = (LoginSessionLocal) ctx.lookup("LoginSessionLocal");
login = (LoginBeanLocal) ctx.lookup("LoginBeanLocal");
module = (Module) ctx.lookup("EMailAddressModuleLocal");
} catch (NamingException e) {
throw new TechnicalException(e);
} finally {
if (ctx != null) {
try { ctx.close(); } catch (NamingException e) { }
}
}
}
@Override @Override
protected void entity2map(Transaction tx, AbstractEntity entity, Map<String, Object> map) { protected void entity2map(AbstractEntity entity, Map<String, Object> map) {
EMailAddress adr = (EMailAddress) entity; EMailAddress adr = (EMailAddress) entity;
long id = adr.getId(); long id = adr.getId();
String domain = adr.getDomain().getName(); String domain = adr.getDomain().getName();
@ -43,7 +73,7 @@ public class EMailAddressRemote extends AbstractRemote {
} }
@Override @Override
protected void map2entity(Transaction tx, Map<String, Object> map, AbstractEntity entity) { protected void map2entity(Map<String, Object> map, AbstractEntity entity) {
EMailAddress adr = (EMailAddress) entity; EMailAddress adr = (EMailAddress) entity;
String localpart = (String) map.get("localpart"); String localpart = (String) map.get("localpart");
if (assertNotNull(localpart)) { if (assertNotNull(localpart)) {
@ -96,4 +126,16 @@ public class EMailAddressRemote extends AbstractRemote {
return "ORDER BY obj.domain.name ASC, obj.subdomain ASC, obj.localpart ASC"; return "ORDER BY obj.domain.name ASC, obj.subdomain ASC, obj.localpart ASC";
} }
public LoginBeanLocal getLogin() {
return login;
}
public LoginSessionLocal getSession() {
return session;
}
public Module getModule() {
return module;
}
} }

154
hsarback/src/de/hsadmin/remote/EMailAliasRemote.java
View File

@ -1,9 +1,7 @@
package de.hsadmin.remote; package de.hsadmin.remote;
import java.lang.reflect.Constructor;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date; import java.util.Date;
import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -15,15 +13,13 @@ import javax.naming.InitialContext;
import javax.naming.NamingException; import javax.naming.NamingException;
import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.LoginBeanLocal; import de.hsadmin.core.model.LoginBeanLocal;
import de.hsadmin.core.model.LoginSessionLocal; import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module; import de.hsadmin.core.model.Module;
import de.hsadmin.core.model.TechnicalException;
import de.hsadmin.mods.email.EMailAlias; import de.hsadmin.mods.email.EMailAlias;
import de.hsadmin.mods.user.UnixUser;
public class EMailAliasRemote { public class EMailAliasRemote extends EJBAbstractRemote {
private LoginBeanLocal login; private LoginBeanLocal login;
private LoginSessionLocal session; private LoginSessionLocal session;
@ -39,143 +35,19 @@ public class EMailAliasRemote {
login = (LoginBeanLocal) ctx.lookup("LoginBeanLocal"); login = (LoginBeanLocal) ctx.lookup("LoginBeanLocal");
module = (Module) ctx.lookup("EMailAliasModuleLocal"); module = (Module) ctx.lookup("EMailAliasModuleLocal");
} catch (NamingException e) { } catch (NamingException e) {
e.printStackTrace(); throw new TechnicalException(e);
} finally {
if (ctx != null) {
try { ctx.close(); } catch (NamingException e) { }
} }
} }
public List<Map<String, Object>> search(String runAsUser, String ticket,
Map<String, String> whereParams) throws HSAdminException {
String user = runAsUser;
try {
session.setLoginUser(login.login(user, ticket));
UnixUser unixUser = session.getLoginUser();
List<AbstractEntity> list = module.search(session, getEntityClass(),
buildQueryCondition(whereParams), null);
if (list == null) {
throw new HSAdminException("result list is null, runtime-error?");
}
ArrayList<Map<String, Object>> result = new ArrayList<Map<String, Object>>();
for (AbstractEntity e : list) {
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(e, entry);
if (e.isReadAllowedFor(unixUser)) {
result.add(entry);
}
}
return result;
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
public Map<String, Object> add(String runAsUser, String ticket,
Map<String, Object> setParams) throws HSAdminException {
String user = runAsUser;
try {
session.setLoginUser(login.login(user, ticket));
Constructor<? extends AbstractEntity> constructor =
getEntityClass().getConstructor();
AbstractEntity entity = constructor.newInstance();
module.initialize(session, entity);
map2entity(setParams, entity);
AbstractEntity insertedEntity = module.add(session, entity);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(insertedEntity, entry);
return entry;
} catch (Exception e) {
throw new HSAdminException(e);
}
}
public void delete(String runAsUser, String ticket,
Map<String, String> whereParams) throws HSAdminException {
String user = runAsUser;
try {
session.setLoginUser(login.login(user, ticket));
UnixUser unixUser = session.getLoginUser();
String queryCondition = buildQueryCondition(whereParams);
if (queryCondition == null || queryCondition.length() == 0) {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = module.search(session, getEntityClass(),
queryCondition, null);
for (AbstractEntity e : list) {
if (e.isWriteAllowedFor(unixUser)) {
module.delete(session, e);
} else {
throw new AuthorisationException(unixUser, "delete", e);
}
}
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
public List<Map<String, Object>> update(String runAsUser, String ticket,
Map<String, Object> setParams, Map<String, String> whereParams)
throws HSAdminException {
String user = runAsUser;
try {
session.setLoginUser(login.login(user, ticket));
UnixUser unixUser = session.getLoginUser();
ArrayList<Map<String, Object>> result = new ArrayList<Map<String, Object>>();
String queryCondition = buildQueryCondition(whereParams);
if (queryCondition == null || queryCondition.length() == 0) {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = module.search(session, getEntityClass(),
queryCondition, getOrderBy());
for (AbstractEntity update : list) {
if (update.isWriteAllowedFor(unixUser)) {
module.detach(update);
map2entity(setParams, update);
update = module.update(session, update);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(update, entry);
result.add(entry);
} else {
throw new AuthorisationException(unixUser, "update", update);
}
}
return result;
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (IllegalArgumentException e) {
throw new HSAdminException(e);
}
}
protected String getOrderBy() {
return "ORDER BY obj.name ASC";
}
protected boolean assertNotNull(String string) {
return string != null && string.length() > 0;
}
protected boolean assertNotNull(Integer integ) {
return integ != null;
}
protected void replaceKey(Map<String, String> whereParams, String shortKey, String regularKey) {
if (whereParams.containsKey(shortKey)) {
String value = whereParams.get(shortKey);
whereParams.remove(shortKey);
whereParams.put(regularKey, value);
}
} }
protected boolean assertNotNull(Date aDate) { protected boolean assertNotNull(Date aDate) {
return aDate != null; return aDate != null;
} }
private String buildQueryCondition(Map<String, String> whereParams) { String buildQueryCondition(Map<String, String> whereParams) {
regularizeKeys(whereParams); regularizeKeys(whereParams);
StringBuffer cond = new StringBuffer(); StringBuffer cond = new StringBuffer();
Iterator<String> keyIterator = whereParams.keySet().iterator(); Iterator<String> keyIterator = whereParams.keySet().iterator();
@ -255,4 +127,16 @@ public class EMailAliasRemote {
replaceKey(whereParams, "pac", "pac.name"); replaceKey(whereParams, "pac", "pac.name");
} }
public LoginBeanLocal getLogin() {
return login;
}
public LoginSessionLocal getSession() {
return session;
}
public Module getModule() {
return module;
}
} }

3
hsarweb/conf/WEB-INF/web.xml
View File

@ -57,7 +57,7 @@
</init-param> </init-param>
</filter> </filter>
<!--
<filter-mapping> <filter-mapping>
<filter-name>CAS Validation Filter</filter-name> <filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
@ -67,6 +67,7 @@
<filter-name>CAS Authentication Filter</filter-name> <filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
</filter-mapping> </filter-mapping>
-->
<servlet> <servlet>
<servlet-name>Logout Servlet</servlet-name> <servlet-name>Logout Servlet</servlet-name>