Database Namen pruefen
This commit is contained in:
parent
2cdb8a77ff
commit
835dbfaaab
@ -3,11 +3,13 @@ package de.hsadmin.mods.db;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import javax.persistence.EntityManager;
|
import javax.persistence.EntityManager;
|
||||||
|
import javax.persistence.Query;
|
||||||
|
|
||||||
import de.hsadmin.core.model.AbstractEntity;
|
import de.hsadmin.core.model.AbstractEntity;
|
||||||
import de.hsadmin.core.model.AbstractModuleImpl;
|
import de.hsadmin.core.model.AbstractModuleImpl;
|
||||||
import de.hsadmin.core.model.AuthorisationException;
|
import de.hsadmin.core.model.AuthorisationException;
|
||||||
import de.hsadmin.core.model.HSAdminException;
|
import de.hsadmin.core.model.HSAdminException;
|
||||||
|
import de.hsadmin.mods.pac.Pac;
|
||||||
import de.hsadmin.mods.user.UnixUser;
|
import de.hsadmin.mods.user.UnixUser;
|
||||||
|
|
||||||
public class MySqlDatabaseModuleImpl extends AbstractModuleImpl {
|
public class MySqlDatabaseModuleImpl extends AbstractModuleImpl {
|
||||||
@ -25,11 +27,15 @@ public class MySqlDatabaseModuleImpl extends AbstractModuleImpl {
|
|||||||
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
||||||
MySqlDatabase database = (MySqlDatabase) newEntity;
|
MySqlDatabase database = (MySqlDatabase) newEntity;
|
||||||
String name = database.getName();
|
String name = database.getName();
|
||||||
String pacname = database.getPac().getName();
|
if (name.length() < 7 || name.charAt(5) != '_') {
|
||||||
if (!name.startsWith(pacname) || name.length() < 7) {
|
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
if (name.charAt(5) != '_') {
|
EntityManager em = getTransaction().getEntityManager();
|
||||||
|
Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
|
||||||
|
qPac.setParameter("pacName", name.substring(0, 5));
|
||||||
|
Object singleResult = qPac.getSingleResult();
|
||||||
|
Pac pac = (Pac) singleResult;
|
||||||
|
if (pac == null || !pac.isReadAllowedFor(getLoginUser())) {
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
return super.add(newEntity);
|
return super.add(newEntity);
|
||||||
|
@ -2,10 +2,14 @@ package de.hsadmin.mods.db;
|
|||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import javax.persistence.EntityManager;
|
||||||
|
import javax.persistence.Query;
|
||||||
|
|
||||||
import de.hsadmin.core.model.AbstractEntity;
|
import de.hsadmin.core.model.AbstractEntity;
|
||||||
import de.hsadmin.core.model.AbstractModuleImpl;
|
import de.hsadmin.core.model.AbstractModuleImpl;
|
||||||
import de.hsadmin.core.model.AuthorisationException;
|
import de.hsadmin.core.model.AuthorisationException;
|
||||||
import de.hsadmin.core.model.HSAdminException;
|
import de.hsadmin.core.model.HSAdminException;
|
||||||
|
import de.hsadmin.mods.pac.Pac;
|
||||||
|
|
||||||
public class MySqlUserModuleImpl extends AbstractModuleImpl {
|
public class MySqlUserModuleImpl extends AbstractModuleImpl {
|
||||||
|
|
||||||
@ -13,14 +17,18 @@ public class MySqlUserModuleImpl extends AbstractModuleImpl {
|
|||||||
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
||||||
MySqlUser user = (MySqlUser) newEntity;
|
MySqlUser user = (MySqlUser) newEntity;
|
||||||
String name = user.getName();
|
String name = user.getName();
|
||||||
|
if (name.length() < 7 || name.charAt(5) != '_') {
|
||||||
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
|
}
|
||||||
if (name.length() > 16) {
|
if (name.length() > 16) {
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new HSAdminException("mysql database name max. length is 16 characters");
|
||||||
}
|
}
|
||||||
String pacname = user.getPac().getName();
|
EntityManager em = getTransaction().getEntityManager();
|
||||||
if (!name.startsWith(pacname) || name.length() < 7) {
|
Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
qPac.setParameter("pacName", name.substring(0, 5));
|
||||||
}
|
Object singleResult = qPac.getSingleResult();
|
||||||
if (name.charAt(5) != '_') {
|
Pac pac = (Pac) singleResult;
|
||||||
|
if (pac == null || !pac.isReadAllowedFor(getLoginUser())) {
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
return super.add(newEntity);
|
return super.add(newEntity);
|
||||||
|
@ -3,11 +3,13 @@ package de.hsadmin.mods.db;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import javax.persistence.EntityManager;
|
import javax.persistence.EntityManager;
|
||||||
|
import javax.persistence.Query;
|
||||||
|
|
||||||
import de.hsadmin.core.model.AbstractEntity;
|
import de.hsadmin.core.model.AbstractEntity;
|
||||||
import de.hsadmin.core.model.AbstractModuleImpl;
|
import de.hsadmin.core.model.AbstractModuleImpl;
|
||||||
import de.hsadmin.core.model.AuthorisationException;
|
import de.hsadmin.core.model.AuthorisationException;
|
||||||
import de.hsadmin.core.model.HSAdminException;
|
import de.hsadmin.core.model.HSAdminException;
|
||||||
|
import de.hsadmin.mods.pac.Pac;
|
||||||
import de.hsadmin.mods.user.UnixUser;
|
import de.hsadmin.mods.user.UnixUser;
|
||||||
|
|
||||||
public class PgSqlDatabaseModuleImpl extends AbstractModuleImpl {
|
public class PgSqlDatabaseModuleImpl extends AbstractModuleImpl {
|
||||||
@ -24,11 +26,15 @@ public class PgSqlDatabaseModuleImpl extends AbstractModuleImpl {
|
|||||||
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
||||||
PgSqlDatabase database = (PgSqlDatabase) newEntity;
|
PgSqlDatabase database = (PgSqlDatabase) newEntity;
|
||||||
String name = database.getName();
|
String name = database.getName();
|
||||||
String pacname = database.getPac().getName();
|
if (name.length() < 7 || name.charAt(5) != '_') {
|
||||||
if (!name.startsWith(pacname) || name.length() < 7) {
|
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
if (name.charAt(5) != '_') {
|
EntityManager em = getTransaction().getEntityManager();
|
||||||
|
Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
|
||||||
|
qPac.setParameter("pacName", name.substring(0, 5));
|
||||||
|
Object singleResult = qPac.getSingleResult();
|
||||||
|
Pac pac = (Pac) singleResult;
|
||||||
|
if (pac == null || !pac.isReadAllowedFor(getLoginUser())) {
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
return super.add(newEntity);
|
return super.add(newEntity);
|
||||||
|
@ -2,10 +2,14 @@ package de.hsadmin.mods.db;
|
|||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import javax.persistence.EntityManager;
|
||||||
|
import javax.persistence.Query;
|
||||||
|
|
||||||
import de.hsadmin.core.model.AbstractEntity;
|
import de.hsadmin.core.model.AbstractEntity;
|
||||||
import de.hsadmin.core.model.AbstractModuleImpl;
|
import de.hsadmin.core.model.AbstractModuleImpl;
|
||||||
import de.hsadmin.core.model.AuthorisationException;
|
import de.hsadmin.core.model.AuthorisationException;
|
||||||
import de.hsadmin.core.model.HSAdminException;
|
import de.hsadmin.core.model.HSAdminException;
|
||||||
|
import de.hsadmin.mods.pac.Pac;
|
||||||
|
|
||||||
public class PgSqlUserModuleImpl extends AbstractModuleImpl {
|
public class PgSqlUserModuleImpl extends AbstractModuleImpl {
|
||||||
|
|
||||||
@ -13,11 +17,15 @@ public class PgSqlUserModuleImpl extends AbstractModuleImpl {
|
|||||||
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException {
|
||||||
PgSqlUser user = (PgSqlUser) newEntity;
|
PgSqlUser user = (PgSqlUser) newEntity;
|
||||||
String name = user.getName();
|
String name = user.getName();
|
||||||
String pacname = user.getPac().getName();
|
if (name.length() < 7 || name.charAt(5) != '_') {
|
||||||
if (!name.startsWith(pacname) || name.length() < 7) {
|
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
if (name.charAt(5) != '_') {
|
EntityManager em = getTransaction().getEntityManager();
|
||||||
|
Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName");
|
||||||
|
qPac.setParameter("pacName", name.substring(0, 5));
|
||||||
|
Object singleResult = qPac.getSingleResult();
|
||||||
|
Pac pac = (Pac) singleResult;
|
||||||
|
if (pac == null || !pac.isReadAllowedFor(getLoginUser())) {
|
||||||
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
throw new AuthorisationException(getLoginUser(), "add", newEntity);
|
||||||
}
|
}
|
||||||
return super.add(newEntity);
|
return super.add(newEntity);
|
||||||
|
Loading…
Reference in New Issue
Block a user