package de.hsadmin.mods.db; import java.util.List; import javax.persistence.EntityManager; import javax.persistence.Query; import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractModuleImpl; import de.hsadmin.core.model.AuthorisationException; import de.hsadmin.core.model.HSAdminException; import de.hsadmin.mods.pac.Pac; import de.hsadmin.mods.user.UnixUser; public class MySqlDatabaseModuleImpl extends AbstractModuleImpl { @Override public List search(Class entityClass, String condition, String orderBy) throws HSAdminException { if (orderBy == null || orderBy.length() == 0) { orderBy = "ORDER BY obj.name ASC"; } return super.search(entityClass, condition, orderBy); } @Override public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException { MySqlDatabase database = (MySqlDatabase) newEntity; String name = database.getName(); if (name.length() < 7 || name.charAt(5) != '_') { throw new AuthorisationException(getLoginUser(), "add", newEntity); } EntityManager em = getTransaction().getEntityManager(); Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName"); qPac.setParameter("pacName", name.substring(0, 5)); Object singleResult = qPac.getSingleResult(); Pac pac = (Pac) singleResult; if (pac == null || !pac.isReadAllowedFor(getLoginUser())) { throw new AuthorisationException(getLoginUser(), "add", newEntity); } return super.add(newEntity); } @Override public AbstractEntity update(AbstractEntity existingEntity) throws HSAdminException { EntityManager em = getTransaction().getEntityManager(); UnixUser unixUser = getLoginUser(); MySqlDatabase detachtedDB = (MySqlDatabase) existingEntity; MySqlDatabase attachedDB = em.find(MySqlDatabase.class, detachtedDB.getId()); if (!attachedDB.getName().equals(detachtedDB.getName())) { throw new AuthorisationException(unixUser, "update", existingEntity, "name"); } if (!attachedDB.getEncoding().equals(detachtedDB.getEncoding())) { throw new AuthorisationException(unixUser, "update", existingEntity, "encoding"); } if (!attachedDB.getInstance().equals(detachtedDB.getInstance())) { throw new AuthorisationException(unixUser, "update", existingEntity, "instance"); } return super.update(existingEntity); } }