package de.hsadmin.remote; import java.lang.reflect.Constructor; import java.util.ArrayList; import java.util.Date; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import de.hsadmin.core.model.AuthenticationException; import de.hsadmin.core.model.AuthorisationException; import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.GenericModuleImpl; import de.hsadmin.core.model.HSAdminException; import de.hsadmin.core.model.ModuleInterface; import de.hsadmin.core.model.TicketAuthentication; import de.hsadmin.core.model.Transaction; import de.hsadmin.mods.user.UnixUser; public abstract class AbstractRemote implements IRemote { private TicketAuthentication authentication; public AbstractRemote() { authentication = new TicketAuthentication(); } protected abstract Class getEntityClass(); protected abstract void entity2map(AbstractEntity entity, Map resultMap); protected abstract void map2entity(Map setParams, AbstractEntity entity); protected abstract void regularizeKeys(Map whereParams); public List> search(String runAsUser, String ticket, Map whereParams) throws HSAdminException { String user = runAsUser; Transaction transaction = new Transaction(user); try { if (authentication.login(user, ticket)) { ModuleInterface module = new GenericModuleImpl(transaction); UnixUser unixUser = transaction.getLoginUser(); List list = module.search(getEntityClass(), buildQueryCondition(whereParams), null); if (list == null) { throw new HSAdminException("result list is null, runtime-error?"); } ArrayList> result = new ArrayList>(); for (AbstractEntity e : list) { HashMap entry = new HashMap(); entity2map(e, entry); if (e.isReadAllowedFor(unixUser)) { result.add(entry); } } return result; } else { throw new AuthenticationException("authentication failed"); } } catch (SecurityException e) { throw new HSAdminException(e); } catch (IllegalArgumentException e) { throw new HSAdminException(e); } finally { transaction.close(); } } public Map add(String runAsUser, String ticket, Map setParams) throws HSAdminException { String user = runAsUser; Transaction transaction = new Transaction(user); try { if (authentication.login(user, ticket)) { ModuleInterface module = new GenericModuleImpl(transaction); Constructor constructor = getEntityClass().getConstructor(); AbstractEntity entity = constructor.newInstance(); map2entity(setParams, entity); transaction.beginTransaction(); AbstractEntity insertedEntity = module.add(entity); transaction.commitTransaction(); HashMap entry = new HashMap(); entity2map(insertedEntity, entry); return entry; } else { throw new AuthenticationException("authentication failed"); } } catch (Exception e) { throw new HSAdminException(e); } finally { transaction.close(); } } public void delete(String runAsUser, String ticket, Map whereParams) throws HSAdminException { String user = runAsUser; Transaction transaction = new Transaction(user); try { if (authentication.login(user, ticket)) { ModuleInterface module = new GenericModuleImpl(transaction); UnixUser unixUser = transaction.getLoginUser(); String queryCondition = buildQueryCondition(whereParams); if (queryCondition == null || queryCondition.length() == 0) { throw new HSAdminException( "better safe than sorry: no where parameter found"); } List list = module.search(getEntityClass(), queryCondition, null); transaction.beginTransaction(); for (AbstractEntity e : list) { if (e.isWriteAllowedFor(unixUser)) { module.delete(e); } else { throw new AuthorisationException(unixUser, "delete", e); } } transaction.commitTransaction(); } else { throw new AuthenticationException("authentication failed"); } } catch (SecurityException e) { throw new HSAdminException(e); } catch (IllegalArgumentException e) { throw new HSAdminException(e); } finally { transaction.close(); } } public List> update(String runAsUser, String ticket, Map setParams, Map whereParams) throws HSAdminException { String user = runAsUser; Transaction transaction = new Transaction(user); try { if (authentication.login(user, ticket)) { ModuleInterface module = new GenericModuleImpl(transaction); UnixUser unixUser = transaction.getLoginUser(); ArrayList> result = new ArrayList>(); String queryCondition = buildQueryCondition(whereParams); if (queryCondition == null || queryCondition.length() == 0) { throw new HSAdminException( "better safe than sorry: no where parameter found"); } List list = module.search(getEntityClass(), queryCondition, getOrderBy()); transaction.beginTransaction(); for (AbstractEntity update : list) { if (update.isWriteAllowedFor(unixUser)) { transaction.detach(update); map2entity(setParams, update); update = module.update(update); HashMap entry = new HashMap(); entity2map(update, entry); result.add(entry); } else { throw new AuthorisationException(unixUser, "update", update); } } transaction.commitTransaction(); return result; } else { throw new AuthenticationException("authentication failed"); } } catch (SecurityException e) { throw new HSAdminException(e); } catch (IllegalArgumentException e) { throw new HSAdminException(e); } finally { transaction.close(); } } public String getOrderBy() { return "ORDER BY obj.name ASC"; } protected boolean assertNotNull(String string) { return string != null && string.length() > 0; } protected boolean assertNotNull(Integer integ) { return integ != null; } protected void replaceKey(Map whereParams, String shortKey, String regularKey) { if (whereParams.containsKey(shortKey)) { String value = whereParams.get(shortKey); whereParams.remove(shortKey); whereParams.put(regularKey, value); } } protected boolean assertNotNull(Date aDate) { return aDate != null; } private String buildQueryCondition(Map whereParams) { regularizeKeys(whereParams); StringBuffer cond = new StringBuffer(); Iterator keyIterator = whereParams.keySet().iterator(); while (keyIterator.hasNext()) { if (cond.length() > 0) { cond.append(" AND "); } String field = keyIterator.next(); String value = whereParams.get(field).replaceAll("'", "\'"); cond.append("obj."); cond.append(field); cond.append(" = "); boolean numeric = "id".equals(field); if (!numeric) cond.append("'"); cond.append(value); if (!numeric) cond.append("'"); } return cond.toString(); } }