use stateful bean

This commit is contained in:
Peter Hormanns 2013-06-28 15:56:53 +02:00
parent 77d85ba91e
commit 46bde679fe
6 changed files with 243 additions and 184 deletions

View File

@ -13,7 +13,7 @@ import de.hsadmin.mods.pac.Pac;
import de.hsadmin.mods.user.UnixUser;
@Stateless
public class LoginSession {
public class LoginSession implements LoginSessionLocal {
@PersistenceContext(name="hsadmin")
private EntityManager entityManager;

View File

@ -0,0 +1,17 @@
package de.hsadmin.core.model;
import javax.ejb.Local;
import de.hsadmin.mods.user.UnixUser;
@Local
public interface LoginSessionLocal {
public abstract UnixUser getLoginUser();
public abstract String getLoginName();
public abstract boolean login(String user, String ticket)
throws AuthenticationException;
}

View File

@ -0,0 +1,23 @@
package de.hsadmin.core.model;
import java.util.List;
import javax.ejb.Local;
@Local
public interface Module {
public AbstractEntity initialize(LoginSessionLocal session, AbstractEntity newEntity) throws HSAdminException;
public AbstractEntity find(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, Object key) throws HSAdminException;
public AbstractEntity findByString(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, String key) throws HSAdminException;
public List<AbstractEntity> search(LoginSessionLocal session, Class<? extends AbstractEntity> entityClass, String query, String orderBy) throws HSAdminException;
public AbstractEntity add(LoginSessionLocal session, AbstractEntity newEntity) throws HSAdminException;
public AbstractEntity update(LoginSessionLocal session, AbstractEntity existingEntity) throws HSAdminException;
public void delete(LoginSessionLocal session, AbstractEntity existingEntity) throws HSAdminException;
}

View File

@ -0,0 +1,12 @@
package de.hsadmin.core.model;
import javax.ejb.Local;
import de.hsadmin.core.qserv.QueueTask;
@Local
public interface QueueManagerLocal {
public abstract void enqueue(String hiveName, QueueTask task);
}

View File

@ -13,10 +13,10 @@ import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import de.hsadmin.core.model.AbstractEntity;
import de.hsadmin.core.model.AbstractModuleImpl;
import de.hsadmin.core.model.AuthorisationException;
import de.hsadmin.core.model.HSAdminException;
import de.hsadmin.core.model.LoginSession;
import de.hsadmin.core.model.LoginSessionLocal;
import de.hsadmin.core.model.Module;
import de.hsadmin.core.model.QueueManager;
import de.hsadmin.core.qserv.EntityProcessorFactory;
import de.hsadmin.core.qserv.NullProcessor;
@ -28,191 +28,18 @@ import de.hsadmin.mods.pac.Pac;
import de.hsadmin.mods.user.UnixUser;
@Stateless
public class EMailAliasModuleImpl extends AbstractModuleImpl {
public class EMailAliasModuleImpl implements Module {
@PersistenceContext(name="hsadmin")
private EntityManager entityManager;
@EJB
private LoginSession session;
@EJB
private QueueManager queueManager;
@Override
public List<AbstractEntity> search(Class<? extends AbstractEntity> entityClass,
String condition, String orderBy) throws HSAdminException {
if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.name ASC";
}
return super.search(entityClass, condition, orderBy);
}
@Override
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
EMailAlias alias = (EMailAlias) newEntity;
String name = alias.getName();
if (name.length() > 5 && (name.charAt(5) != '-') || name.length() == 6) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
Query qPac = entityManager.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
qPac.setParameter("pacName", name.substring(0, 5));
Object singleResult = qPac.getSingleResult();
Pac pac = (Pac) singleResult;
if (pac == null || !pac.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
if (!name.startsWith(pac.getName())) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
//TODO: Needs better implementation
String pacType = pac.getBasepac().getName();
if (!pacType.equals(BasePacType.PAC_WEB) && !pacType.equals(BasePacType.PAC_DW) && !pacType.equals(BasePacType.PAC_SW)) {
throw new HSAdminException("not allowed for this packet type");
}
//TODO: Needs better implementation
Query qEmailAliases = entityManager.createQuery("SELECT obj FROM EMailAliases obj WHERE obj.pac.id = :pacId");
qEmailAliases.setParameter("pacId", pac.getId());
Query qEmailAddresses = entityManager.createQuery("SELECT obj FROM EMailAddresses obj WHERE obj.domain.user.pac.id = :pacId");
qEmailAddresses.setParameter("pacId", pac.getId());
if (qEmailAliases.getResultList().size() + qEmailAddresses.getResultList().size() >= MultiOption.EMAIL_ITEMS_PER_OPTION * pac.getQuantityByComponentName("MULTI")) {
throw new HSAdminException("included email addresses/aliases exceeded");
}
alias.setPac(pac);
return super.add(newEntity);
}
public void detach(AbstractEntity attached) {
entityManager.detach(attached);
}
// TODO extract copied code
public AbstractEntity initialize(AbstractEntity newEntity)
throws AuthorisationException {
newEntity.initialize(entityManager, session.getLoginUser());
return newEntity;
}
public AbstractEntity superadd(AbstractEntity newEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
newEntity.complete(entityManager, loginUser);
entityManager.persist(newEntity);
if (!newEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(newEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createCreateProcessor(entityManager, newEntity);
queueProcessor(proc, loginUser, newEntity, "hinzugefuegt");
}
return newEntity;
}
public AbstractEntity find(Class<? extends AbstractEntity> entityClass, Object key) throws HSAdminException {
AbstractEntity entity = entityManager.find(entityClass, key);
UnixUser loginUser = session.getLoginUser();
if (!entity.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", entity);
}
return entity;
}
public AbstractEntity findByString(Class<? extends AbstractEntity> entityClass, String key) throws HSAdminException {
Method method = null;
try {
method = entityClass.getDeclaredMethod("createQueryFromStringKey", String.class);
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (NoSuchMethodException e) {
method = null;
}
AbstractEntity entity = null;
if (method == null) {
entity = entityManager.find(entityClass, key);
}
else {
String query = null;
try {
query = (String) method.invoke(null, key);
} catch (Exception e) {
throw new HSAdminException(e);
}
List<AbstractEntity> result = search(entityClass, query, null);
if (result.size() > 1) throw new NonUniqueResultException();
if (result.size() == 0) return null;
entity = result.get(0);
}
return entity;
}
public List<AbstractEntity> supersearch(Class<? extends AbstractEntity> entityClass, String condition, String orderBy) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
condition = restrict(entityClass, loginUser, condition);
Entity entityAnnot = entityClass.getAnnotation(Entity.class);
String queryString = "SELECT obj FROM " + entityAnnot.name() + " obj";
if (condition != null && condition.length() > 0) {
queryString += " WHERE " + condition;
}
if (condition != null && condition.contains("AND (FALSE)")) {
return new LinkedList<AbstractEntity>();
}
if (orderBy != null) {
queryString += " ";
queryString += orderBy;
}
entityManager.clear();
Query query = entityManager.createQuery(queryString);
setQueryParameter(query, queryString, "loginUser", loginUser);
setQueryParameter(query, queryString, "loginUserName", loginUser.getName());
setQueryParameter(query, queryString, "loginUserPac", loginUser.getPac());
try {
List<?> res = query.getResultList();
List<AbstractEntity> ret = new LinkedList<AbstractEntity>();
// remove entities where login user has no access rights
for (Object entity : res) {
if (entity instanceof AbstractEntity) {
AbstractEntity returnedEntity = (AbstractEntity) entity;
if (returnedEntity.isReadAllowedFor(session.getLoginUser())) {
ret.add(returnedEntity);
}
}
}
return ret;
} catch (Exception ex) {
throw new HSAdminException(ex);
}
}
public AbstractEntity update(AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = existingEntity.merge(entityManager, loginUser);
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "update", existingEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createUpdateProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "aktualisiert");
}
return existingEntity;
}
public void delete(AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = entityManager.find(existingEntity.getClass(), existingEntity.id());
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", existingEntity);
}
entityManager.remove(existingEntity);
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createDeleteProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "geloescht");
}
}
protected EntityProcessorFactory createProcessorFactory(Class<? extends AbstractEntity> entityClass)
throws HSAdminException {
String procFactName = entityClass.getCanonicalName() + "ProcessorFactory";
@ -282,5 +109,185 @@ public class EMailAliasModuleImpl extends AbstractModuleImpl {
}
}
@Override
public AbstractEntity initialize(LoginSessionLocal session,
AbstractEntity newEntity) throws HSAdminException {
newEntity.initialize(entityManager, session.getLoginUser());
return newEntity;
}
@Override
public AbstractEntity find(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, Object key)
throws HSAdminException {
AbstractEntity entity = entityManager.find(entityClass, key);
UnixUser loginUser = session.getLoginUser();
if (!entity.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", entity);
}
return entity;
}
@Override
public AbstractEntity findByString(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, String key)
throws HSAdminException {
Method method = null;
try {
method = entityClass.getDeclaredMethod("createQueryFromStringKey", String.class);
} catch (SecurityException e) {
throw new HSAdminException(e);
} catch (NoSuchMethodException e) {
method = null;
}
AbstractEntity entity = null;
if (method == null) {
entity = entityManager.find(entityClass, key);
}
else {
String query = null;
try {
query = (String) method.invoke(null, key);
} catch (Exception e) {
throw new HSAdminException(e);
}
List<AbstractEntity> result = search(session, entityClass, query, null);
if (result.size() > 1) throw new NonUniqueResultException();
if (result.size() == 0) return null;
entity = result.get(0);
}
return entity;
}
@Override
public List<AbstractEntity> search(LoginSessionLocal session,
Class<? extends AbstractEntity> entityClass, String condition,
String orderBy) throws HSAdminException {
if (orderBy == null || orderBy.length() == 0) {
orderBy = "ORDER BY obj.name ASC";
}
UnixUser loginUser = session.getLoginUser();
condition = restrict(entityClass, loginUser, condition);
Entity entityAnnot = entityClass.getAnnotation(Entity.class);
String queryString = "SELECT obj FROM " + entityAnnot.name() + " obj";
if (condition != null && condition.length() > 0) {
queryString += " WHERE " + condition;
}
if (condition != null && condition.contains("AND (FALSE)")) {
return new LinkedList<AbstractEntity>();
}
if (orderBy != null) {
queryString += " ";
queryString += orderBy;
}
entityManager.clear();
Query query = entityManager.createQuery(queryString);
setQueryParameter(query, queryString, "loginUser", loginUser);
setQueryParameter(query, queryString, "loginUserName", loginUser.getName());
setQueryParameter(query, queryString, "loginUserPac", loginUser.getPac());
try {
List<?> res = query.getResultList();
List<AbstractEntity> ret = new LinkedList<AbstractEntity>();
// remove entities where login user has no access rights
for (Object entity : res) {
if (entity instanceof AbstractEntity) {
AbstractEntity returnedEntity = (AbstractEntity) entity;
if (returnedEntity.isReadAllowedFor(session.getLoginUser())) {
ret.add(returnedEntity);
}
}
}
return ret;
} catch (Exception ex) {
throw new HSAdminException(ex);
}
}
@Override
public AbstractEntity add(LoginSessionLocal session,
AbstractEntity newEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
EMailAlias alias = (EMailAlias) newEntity;
String name = alias.getName();
if (name.length() > 5 && (name.charAt(5) != '-') || name.length() == 6) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
Query qPac = entityManager.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
qPac.setParameter("pacName", name.substring(0, 5));
Object singleResult = qPac.getSingleResult();
Pac pac = (Pac) singleResult;
if (pac == null || !pac.isReadAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
if (!name.startsWith(pac.getName())) {
throw new AuthorisationException(loginUser, "add", newEntity);
}
//TODO: Needs better implementation
String pacType = pac.getBasepac().getName();
if (!pacType.equals(BasePacType.PAC_WEB) && !pacType.equals(BasePacType.PAC_DW) && !pacType.equals(BasePacType.PAC_SW)) {
throw new HSAdminException("not allowed for this packet type");
}
//TODO: Needs better implementation
Query qEmailAliases = entityManager.createQuery("SELECT obj FROM EMailAliases obj WHERE obj.pac.id = :pacId");
qEmailAliases.setParameter("pacId", pac.getId());
Query qEmailAddresses = entityManager.createQuery("SELECT obj FROM EMailAddresses obj WHERE obj.domain.user.pac.id = :pacId");
qEmailAddresses.setParameter("pacId", pac.getId());
if (qEmailAliases.getResultList().size() + qEmailAddresses.getResultList().size() >= MultiOption.EMAIL_ITEMS_PER_OPTION * pac.getQuantityByComponentName("MULTI")) {
throw new HSAdminException("included email addresses/aliases exceeded");
}
alias.setPac(pac);
UnixUser loginUser1 = session.getLoginUser();
newEntity.complete(entityManager, loginUser1);
entityManager.persist(newEntity);
if (!newEntity.isWriteAllowedFor(loginUser1)) {
throw new AuthorisationException(loginUser1, "add", newEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(newEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createCreateProcessor(entityManager, newEntity);
queueProcessor(proc, loginUser1, newEntity, "hinzugefuegt");
}
return newEntity;
}
@Override
public AbstractEntity update(LoginSessionLocal session,
AbstractEntity existingEntity) throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = existingEntity.merge(entityManager, loginUser);
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "update", existingEntity);
}
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createUpdateProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "aktualisiert");
}
return existingEntity;
}
@Override
public void delete(LoginSessionLocal session, AbstractEntity existingEntity)
throws HSAdminException {
UnixUser loginUser = session.getLoginUser();
existingEntity = entityManager.find(existingEntity.getClass(), existingEntity.id());
if (!existingEntity.isWriteAllowedFor(loginUser)) {
throw new AuthorisationException(loginUser, "add", existingEntity);
}
entityManager.remove(existingEntity);
EntityProcessorFactory procFact = createProcessorFactory(existingEntity.getClass());
if (procFact != null) {
Processor proc = procFact.createDeleteProcessor(entityManager, existingEntity);
queueProcessor(proc, loginUser, existingEntity, "geloescht");
}
}
}

View File

@ -34,7 +34,7 @@ public class EMailAliasRemote {
try {
if (session.login(user, ticket)) {
UnixUser unixUser = session.getLoginUser();
List<AbstractEntity> list = module.search(getEntityClass(),
List<AbstractEntity> list = module.search(session, getEntityClass(),
buildQueryCondition(whereParams), null);
if (list == null) {
throw new HSAdminException("result list is null, runtime-error?");
@ -66,9 +66,9 @@ public class EMailAliasRemote {
Constructor<? extends AbstractEntity> constructor =
getEntityClass().getConstructor();
AbstractEntity entity = constructor.newInstance();
module.initialize(entity);
module.initialize(session, entity);
map2entity(setParams, entity);
AbstractEntity insertedEntity = module.add(entity);
AbstractEntity insertedEntity = module.add(session, entity);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(insertedEntity, entry);
return entry;
@ -91,11 +91,11 @@ public class EMailAliasRemote {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = module.search(getEntityClass(),
List<AbstractEntity> list = module.search(session, getEntityClass(),
queryCondition, null);
for (AbstractEntity e : list) {
if (e.isWriteAllowedFor(unixUser)) {
module.delete(e);
module.delete(session, e);
} else {
throw new AuthorisationException(unixUser, "delete", e);
}
@ -123,13 +123,13 @@ public class EMailAliasRemote {
throw new HSAdminException(
"better safe than sorry: no where parameter found");
}
List<AbstractEntity> list = module.search(getEntityClass(),
List<AbstractEntity> list = module.search(session, getEntityClass(),
queryCondition, getOrderBy());
for (AbstractEntity update : list) {
if (update.isWriteAllowedFor(unixUser)) {
module.detach(update);
map2entity(setParams, update);
update = module.update(update);
update = module.update(session, update);
HashMap<String, Object> entry = new HashMap<String, Object>();
entity2map(update, entry);
result.add(entry);