Repository: incubator-guacamole-client Updated Branches: refs/heads/master 414f4ca94 -> 54f38b107
GUACAMOLE-76: Query child object identifiers directly. Project: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/commit/a83b5c58 Tree: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/tree/a83b5c58 Diff: http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/diff/a83b5c58 Branch: refs/heads/master Commit: a83b5c585c5df63e6254dc62a88d1752fbcfa88e Parents: 414f4ca Author: Michael Jumper <[email protected]> Authored: Fri Aug 19 22:03:15 2016 -0700 Committer: Michael Jumper <[email protected]> Committed: Fri Aug 19 23:18:37 2016 -0700 ---------------------------------------------------------------------- .../auth/jdbc/connection/ConnectionModel.java | 34 ++++++++++ .../auth/jdbc/connection/ModeledConnection.java | 9 +-- .../connectiongroup/ConnectionGroupModel.java | 70 ++++++++++++++++++++ .../connectiongroup/ModeledConnectionGroup.java | 11 +-- .../sharingprofile/SharingProfileMapper.java | 39 ----------- .../sharingprofile/SharingProfileService.java | 38 ----------- .../auth/jdbc/connection/ConnectionMapper.xml | 38 +++++++++-- .../connectiongroup/ConnectionGroupMapper.xml | 63 ++++++++++++++++-- .../sharingprofile/SharingProfileMapper.xml | 19 ------ .../auth/jdbc/connection/ConnectionMapper.xml | 38 +++++++++-- .../connectiongroup/ConnectionGroupMapper.xml | 63 ++++++++++++++++-- .../sharingprofile/SharingProfileMapper.xml | 19 ------ 12 files changed, 293 insertions(+), 148 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionModel.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionModel.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionModel.java index 6d7b28b..0a1a475 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionModel.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionModel.java @@ -19,6 +19,8 @@ package org.apache.guacamole.auth.jdbc.connection; +import java.util.HashSet; +import java.util.Set; import org.apache.guacamole.auth.jdbc.base.GroupedObjectModel; /** @@ -54,6 +56,12 @@ public class ConnectionModel extends GroupedObjectModel { private Integer maxConnectionsPerUser; /** + * The identifiers of all readable sharing profiles associated with this + * connection. + */ + private Set<String> sharingProfileIdentifiers = new HashSet<String>(); + + /** * Creates a new, empty connection. */ public ConnectionModel() { @@ -152,6 +160,32 @@ public class ConnectionModel extends GroupedObjectModel { this.maxConnectionsPerUser = maxConnectionsPerUser; } + /** + * Returns the identifiers of all readable sharing profiles associated with + * this connection. This is set only when the connection is queried, and has + * no effect when a connection is inserted, updated, or deleted. + * + * @return + * The identifiers of all readable sharing profiles associated with + * this connection. + */ + public Set<String> getSharingProfileIdentifiers() { + return sharingProfileIdentifiers; + } + + /** + * Sets the identifiers of all readable sharing profiles associated with + * this connection. This should be set only when the connection is queried, + * as it has no effect when a connection is inserted, updated, or deleted. + * + * @param sharingProfileIdentifiers + * The identifiers of all readable sharing profiles associated with + * this connection. + */ + public void setSharingProfileIdentifiers(Set<String> sharingProfileIdentifiers) { + this.sharingProfileIdentifiers = sharingProfileIdentifiers; + } + @Override public String getIdentifier() { http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java index f605a90..1ee896a 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java @@ -32,7 +32,6 @@ import org.apache.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.auth.jdbc.JDBCEnvironment; import org.apache.guacamole.auth.jdbc.base.ModeledGroupedDirectoryObject; -import org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileService; import org.apache.guacamole.form.Field; import org.apache.guacamole.form.Form; import org.apache.guacamole.form.NumericField; @@ -101,12 +100,6 @@ public class ModeledConnection extends ModeledGroupedDirectoryObject<ConnectionM private ConnectionService connectionService; /** - * Service for managing sharing profiles. - */ - @Inject - private SharingProfileService sharingProfileService; - - /** * Service for creating and tracking tunnels. */ @Inject @@ -167,7 +160,7 @@ public class ModeledConnection extends ModeledGroupedDirectoryObject<ConnectionM @Override public Set<String> getSharingProfileIdentifiers() throws GuacamoleException { - return sharingProfileService.getIdentifiersWithin(getCurrentUser(), getIdentifier()); + return getModel().getSharingProfileIdentifiers(); } @Override http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupModel.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupModel.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupModel.java index 6805ef2..1d938c9 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupModel.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupModel.java @@ -19,6 +19,8 @@ package org.apache.guacamole.auth.jdbc.connectiongroup; +import java.util.HashSet; +import java.util.Set; import org.apache.guacamole.auth.jdbc.base.GroupedObjectModel; import org.apache.guacamole.net.auth.ConnectionGroup; @@ -61,6 +63,18 @@ public class ConnectionGroupModel extends GroupedObjectModel { private boolean sessionAffinityEnabled; /** + * The identifiers of all readable child connections within this connection + * group. + */ + private Set<String> connectionIdentifiers = new HashSet<String>(); + + /** + * The identifiers of all readable child connection groups within this + * connection group. + */ + private Set<String> connectionGroupIdentifiers = new HashSet<String>(); + + /** * Creates a new, empty connection group. */ public ConnectionGroupModel() { @@ -186,6 +200,62 @@ public class ConnectionGroupModel extends GroupedObjectModel { this.sessionAffinityEnabled = sessionAffinityEnabled; } + /** + * Returns the identifiers of all readable child connections within this + * connection group. This is set only when the parent connection group is + * queried, and has no effect when a connection group is inserted, updated, + * or deleted. + * + * @return + * The identifiers of all readable child connections within this + * connection group. + */ + public Set<String> getConnectionIdentifiers() { + return connectionIdentifiers; + } + + /** + * Sets the identifiers of all readable child connections within this + * connection group. This should be set only when the parent connection + * group is queried, as it has no effect when a connection group is + * inserted, updated, or deleted. + * + * @param connectionIdentifiers + * The identifiers of all readable child connections within this + * connection group. + */ + public void setConnectionIdentifiers(Set<String> connectionIdentifiers) { + this.connectionIdentifiers = connectionIdentifiers; + } + + /** + * Returns the identifiers of all readable child connection groups within + * this connection group. This is set only when the parent connection group + * is queried, and has no effect when a connection group is inserted, + * updated, or deleted. + * + * @return + * The identifiers of all readable child connection groups within this + * connection group. + */ + public Set<String> getConnectionGroupIdentifiers() { + return connectionGroupIdentifiers; + } + + /** + * Sets the identifiers of all readable child connection groups within this + * connection group. This should be set only when the parent connection + * group is queried, as it has no effect when a connection group is + * inserted, updated, or deleted. + * + * @param connectionGroupIdentifiers + * The identifiers of all readable child connection groups within this + * connection group. + */ + public void setConnectionGroupIdentifiers(Set<String> connectionGroupIdentifiers) { + this.connectionGroupIdentifiers = connectionGroupIdentifiers; + } + @Override public String getIdentifier() { http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java index a0675f4..59a93ec 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ModeledConnectionGroup.java @@ -29,7 +29,6 @@ import java.util.Set; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.auth.jdbc.JDBCEnvironment; import org.apache.guacamole.auth.jdbc.base.ModeledGroupedDirectoryObject; -import org.apache.guacamole.auth.jdbc.connection.ConnectionService; import org.apache.guacamole.auth.jdbc.tunnel.GuacamoleTunnelService; import org.apache.guacamole.form.BooleanField; import org.apache.guacamole.form.Field; @@ -100,12 +99,6 @@ public class ModeledConnectionGroup extends ModeledGroupedDirectoryObject<Connec private JDBCEnvironment environment; /** - * Service for managing connections. - */ - @Inject - private ConnectionService connectionService; - - /** * Service for managing connection groups. */ @Inject @@ -157,13 +150,13 @@ public class ModeledConnectionGroup extends ModeledGroupedDirectoryObject<Connec @Override public Set<String> getConnectionIdentifiers() throws GuacamoleException { - return connectionService.getIdentifiersWithin(getCurrentUser(), getIdentifier()); + return getModel().getConnectionIdentifiers(); } @Override public Set<String> getConnectionGroupIdentifiers() throws GuacamoleException { - return connectionGroupService.getIdentifiersWithin(getCurrentUser(), getIdentifier()); + return getModel().getConnectionGroupIdentifiers(); } @Override http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.java index 113cb90..7cd962e 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.java @@ -19,9 +19,7 @@ package org.apache.guacamole.auth.jdbc.sharingprofile; -import java.util.Set; import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper; -import org.apache.guacamole.auth.jdbc.user.UserModel; import org.apache.ibatis.annotations.Param; /** @@ -33,43 +31,6 @@ public interface SharingProfileMapper extends ModeledDirectoryObjectMapper<SharingProfileModel> { /** - * Selects the identifiers of all sharing profiles associated with the given - * primary connection, regardless of whether they are readable by any - * particular user. This should only be called on behalf of a system - * administrator. If identifiers are needed by a non-administrative user who - * must have explicit read rights, use selectReadableIdentifiersWithin() - * instead. - * - * @param primaryConnectionIdentifier - * The identifier of the primary connection. - * - * @return - * A Set containing all identifiers of all objects. - */ - Set<String> selectIdentifiersWithin( - @Param("primaryConnectionIdentifier") String primaryConnectionIdentifier); - - /** - * Selects the identifiers of all sharing profiles associated with the given - * primary connection that are explicitly readable by the given user. If - * identifiers are needed by a system administrator (who, by definition, - * does not need explicit read rights), use selectIdentifiersWithin() - * instead. - * - * @param user - * The user whose permissions should determine whether an identifier - * is returned. - * - * @param primaryConnectionIdentifier - * The identifier of the primary connection. - * - * @return - * A Set containing all identifiers of all readable objects. - */ - Set<String> selectReadableIdentifiersWithin(@Param("user") UserModel user, - @Param("primaryConnectionIdentifier") String primaryConnectionIdentifier); - - /** * Selects the sharing profile associated with the given primary connection * and having the given name. If no such sharing profile exists, null is * returned. http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileService.java ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileService.java index ec12929..907a3a9 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileService.java @@ -25,7 +25,6 @@ import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.Map; -import java.util.Set; import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser; import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper; import org.apache.guacamole.GuacamoleClientException; @@ -245,43 +244,6 @@ public class SharingProfileService } /** - * Returns the set of all identifiers for all sharing profiles associated - * with the given primary connection. Only sharing profiles that the user - * has read access to will be returned. - * - * Permission to read the primary connection having the given identifier is - * NOT checked. - * - * @param user - * The user retrieving the identifiers. - * - * @param identifier - * The identifier of the primary connection. - * - * @return - * The set of all identifiers for all sharing profiles associated with - * the primary connection having the given identifier that the user has - * read access to. - * - * @throws GuacamoleException - * If an error occurs while reading identifiers. - */ - public Set<String> getIdentifiersWithin(ModeledAuthenticatedUser user, - String identifier) - throws GuacamoleException { - - // Bypass permission checks if the user is a system admin - if (user.getUser().isAdministrator()) - return sharingProfileMapper.selectIdentifiersWithin(identifier); - - // Otherwise only return explicitly readable identifiers - else - return sharingProfileMapper.selectReadableIdentifiersWithin( - user.getUser().getModel(), identifier); - - } - - /** * Retrieves all parameters visible to the given user and associated with * the sharing profile having the given identifier. If the given user has no * access to such parameters, or no such sharing profile exists, the http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml index b5b8449..0fd0265 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml @@ -25,12 +25,21 @@ <!-- Result mapper for connection objects --> <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" > + + <!-- Connection properties --> <id column="connection_id" property="objectID" jdbcType="INTEGER"/> <result column="connection_name" property="name" jdbcType="VARCHAR"/> <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/> <result column="protocol" property="protocol" jdbcType="VARCHAR"/> <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/> <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/> + + <!-- Associated sharing profiles --> + <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String" + column="connection_id" foreignColumn="primary_connection_id"> + <result column="sharing_profile_id"/> + </collection> + </resultMap> <!-- Select all connection identifiers --> @@ -70,7 +79,8 @@ </select> <!-- Select multiple connections by identifier --> - <select id="select" resultMap="ConnectionResultMap"> + <select id="select" resultMap="ConnectionResultMap" + resultSets="connections,sharingProfiles"> SELECT connection_id, @@ -84,12 +94,21 @@ <foreach collection="identifiers" item="identifier" open="(" separator="," close=")"> #{identifier,jdbcType=VARCHAR} - </foreach> + </foreach>; + + SELECT primary_connection_id, sharing_profile_id + FROM guacamole_sharing_profile + WHERE primary_connection_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach>; </select> <!-- Select multiple connections by identifier only if readable --> - <select id="selectReadable" resultMap="ConnectionResultMap"> + <select id="selectReadable" resultMap="ConnectionResultMap" + resultSets="connections,sharingProfiles"> SELECT guacamole_connection.connection_id, @@ -106,7 +125,18 @@ #{identifier,jdbcType=VARCHAR} </foreach> AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' + AND permission = 'READ'; + + SELECT primary_connection_id, guacamole_sharing_profile.sharing_profile_id + FROM guacamole_sharing_profile + JOIN guacamole_sharing_profile_permission ON guacamole_sharing_profile_permission.sharing_profile_id = guacamole_sharing_profile.sharing_profile_id + WHERE primary_connection_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; </select> http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml index e8cecf1..f2ef3c2 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml @@ -25,6 +25,8 @@ <!-- Result mapper for connection objects --> <resultMap id="ConnectionGroupResultMap" type="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupModel" > + + <!-- Connection group properties --> <id column="connection_group_id" property="objectID" jdbcType="INTEGER"/> <result column="connection_group_name" property="name" jdbcType="VARCHAR"/> <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/> @@ -33,6 +35,19 @@ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/> <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/> <result column="enable_session_affinity" property="sessionAffinityEnabled" jdbcType="BOOLEAN"/> + + <!-- Child connection groups --> + <collection property="connectionGroupIdentifiers" resultSet="childConnectionGroups" ofType="java.lang.String" + column="connection_group_id" foreignColumn="parent_id"> + <result column="connection_group_id"/> + </collection> + + <!-- Child connections --> + <collection property="connectionIdentifiers" resultSet="childConnections" ofType="java.lang.String" + column="connection_group_id" foreignColumn="parent_id"> + <result column="connection_id"/> + </collection> + </resultMap> <!-- Select all connection group identifiers --> @@ -72,7 +87,8 @@ </select> <!-- Select multiple connection groups by identifier --> - <select id="select" resultMap="ConnectionGroupResultMap"> + <select id="select" resultMap="ConnectionGroupResultMap" + resultSets="connectionGroups,childConnectionGroups,childConnections"> SELECT connection_group_id, @@ -87,12 +103,29 @@ <foreach collection="identifiers" item="identifier" open="(" separator="," close=")"> #{identifier,jdbcType=VARCHAR} - </foreach> + </foreach>; + + SELECT parent_id, connection_group_id + FROM guacamole_connection_group + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach>; + + SELECT parent_id, connection_id + FROM guacamole_connection + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach>; </select> <!-- Select multiple connection groups by identifier only if readable --> - <select id="selectReadable" resultMap="ConnectionGroupResultMap"> + <select id="selectReadable" resultMap="ConnectionGroupResultMap" + resultSets="connectionGroups,childConnectionGroups,childConnections"> SELECT guacamole_connection_group.connection_group_id, @@ -110,7 +143,29 @@ #{identifier,jdbcType=VARCHAR} </foreach> AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' + AND permission = 'READ'; + + SELECT parent_id, guacamole_connection_group.connection_group_id + FROM guacamole_connection_group + JOIN guacamole_connection_group_permission ON guacamole_connection_group_permission.connection_group_id = guacamole_connection_group.connection_group_id + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; + + SELECT parent_id, guacamole_connection.connection_id + FROM guacamole_connection + JOIN guacamole_connection_permission ON guacamole_connection_permission.connection_id = guacamole_connection.connection_id + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=VARCHAR} + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; </select> http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml index 0045daf..7614574 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml @@ -45,25 +45,6 @@ AND permission = 'READ' </select> - <!-- Select all sharing profiles identifiers associated with a particular connection --> - <select id="selectIdentifiersWithin" resultType="string"> - SELECT sharing_profile_id - FROM guacamole_sharing_profile - WHERE - primary_connection_id = #{primaryConnectionIdentifier,jdbcType=VARCHAR} - </select> - - <!-- Select identifiers of all readable sharing profiles associated with a particular connection --> - <select id="selectReadableIdentifiersWithin" resultType="string"> - SELECT guacamole_sharing_profile.sharing_profile_id - FROM guacamole_sharing_profile - JOIN guacamole_sharing_profile_permission ON guacamole_sharing_profile_permission.sharing_profile_id = guacamole_sharing_profile.sharing_profile_id - WHERE - primary_connection_id = #{primaryConnectionIdentifier,jdbcType=VARCHAR} - AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' - </select> - <!-- Select multiple sharing profiles by identifier --> <select id="select" resultMap="SharingProfileResultMap"> http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml index 6097aa1..5fe9de4 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml @@ -25,12 +25,21 @@ <!-- Result mapper for connection objects --> <resultMap id="ConnectionResultMap" type="org.apache.guacamole.auth.jdbc.connection.ConnectionModel" > + + <!-- Connection properties --> <id column="connection_id" property="objectID" jdbcType="INTEGER"/> <result column="connection_name" property="name" jdbcType="VARCHAR"/> <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/> <result column="protocol" property="protocol" jdbcType="VARCHAR"/> <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/> <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/> + + <!-- Associated sharing profiles --> + <collection property="sharingProfileIdentifiers" resultSet="sharingProfiles" ofType="java.lang.String" + column="connection_id" foreignColumn="primary_connection_id"> + <result column="sharing_profile_id"/> + </collection> + </resultMap> <!-- Select all connection identifiers --> @@ -70,7 +79,8 @@ </select> <!-- Select multiple connections by identifier --> - <select id="select" resultMap="ConnectionResultMap"> + <select id="select" resultMap="ConnectionResultMap" + resultSets="connections,sharingProfiles"> SELECT connection_id, @@ -84,12 +94,21 @@ <foreach collection="identifiers" item="identifier" open="(" separator="," close=")"> #{identifier,jdbcType=INTEGER}::integer - </foreach> + </foreach>; + + SELECT primary_connection_id, sharing_profile_id + FROM guacamole_sharing_profile + WHERE primary_connection_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach>; </select> <!-- Select multiple connections by identifier only if readable --> - <select id="selectReadable" resultMap="ConnectionResultMap"> + <select id="selectReadable" resultMap="ConnectionResultMap" + resultSets="connections,sharingProfiles"> SELECT guacamole_connection.connection_id, @@ -106,7 +125,18 @@ #{identifier,jdbcType=INTEGER}::integer </foreach> AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' + AND permission = 'READ'; + + SELECT primary_connection_id, guacamole_sharing_profile.sharing_profile_id + FROM guacamole_sharing_profile + JOIN guacamole_sharing_profile_permission ON guacamole_sharing_profile_permission.sharing_profile_id = guacamole_sharing_profile.sharing_profile_id + WHERE primary_connection_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; </select> http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml index b55c015..0a41b3d 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml @@ -25,6 +25,8 @@ <!-- Result mapper for connection objects --> <resultMap id="ConnectionGroupResultMap" type="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupModel" > + + <!-- Connection group properties --> <id column="connection_group_id" property="objectID" jdbcType="INTEGER"/> <result column="connection_group_name" property="name" jdbcType="VARCHAR"/> <result column="parent_id" property="parentIdentifier" jdbcType="INTEGER"/> @@ -33,6 +35,19 @@ <result column="max_connections" property="maxConnections" jdbcType="INTEGER"/> <result column="max_connections_per_user" property="maxConnectionsPerUser" jdbcType="INTEGER"/> <result column="enable_session_affinity" property="sessionAffinityEnabled" jdbcType="BOOLEAN"/> + + <!-- Child connection groups --> + <collection property="connectionGroupIdentifiers" resultSet="childConnectionGroups" ofType="java.lang.String" + column="connection_group_id" foreignColumn="parent_id"> + <result column="connection_group_id"/> + </collection> + + <!-- Child connections --> + <collection property="connectionIdentifiers" resultSet="childConnections" ofType="java.lang.String" + column="connection_group_id" foreignColumn="parent_id"> + <result column="connection_id"/> + </collection> + </resultMap> <!-- Select all connection group identifiers --> @@ -72,7 +87,8 @@ </select> <!-- Select multiple connection groups by identifier --> - <select id="select" resultMap="ConnectionGroupResultMap"> + <select id="select" resultMap="ConnectionGroupResultMap" + resultSets="connectionGroups,childConnectionGroups,childConnections"> SELECT connection_group_id, @@ -87,12 +103,29 @@ <foreach collection="identifiers" item="identifier" open="(" separator="," close=")"> #{identifier,jdbcType=INTEGER}::integer - </foreach> + </foreach>; + + SELECT parent_id, connection_group_id + FROM guacamole_connection_group + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach>; + + SELECT parent_id, connection_id + FROM guacamole_connection + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach>; </select> <!-- Select multiple connection groups by identifier only if readable --> - <select id="selectReadable" resultMap="ConnectionGroupResultMap"> + <select id="selectReadable" resultMap="ConnectionGroupResultMap" + resultSets="connectionGroups,childConnectionGroups,childConnections"> SELECT guacamole_connection_group.connection_group_id, @@ -110,7 +143,29 @@ #{identifier,jdbcType=INTEGER}::integer </foreach> AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' + AND permission = 'READ'; + + SELECT parent_id, guacamole_connection_group.connection_group_id + FROM guacamole_connection_group + JOIN guacamole_connection_group_permission ON guacamole_connection_group_permission.connection_group_id = guacamole_connection_group.connection_group_id + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; + + SELECT parent_id, guacamole_connection.connection_id + FROM guacamole_connection + JOIN guacamole_connection_permission ON guacamole_connection_permission.connection_id = guacamole_connection.connection_id + WHERE parent_id IN + <foreach collection="identifiers" item="identifier" + open="(" separator="," close=")"> + #{identifier,jdbcType=INTEGER}::integer + </foreach> + AND user_id = #{user.objectID,jdbcType=INTEGER} + AND permission = 'READ'; </select> http://git-wip-us.apache.org/repos/asf/incubator-guacamole-client/blob/a83b5c58/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml ---------------------------------------------------------------------- diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml index 6720f5d..36a3beb 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml @@ -45,25 +45,6 @@ AND permission = 'READ' </select> - <!-- Select all sharing profile identifiers associated with a particular connection --> - <select id="selectIdentifiersWithin" resultType="string"> - SELECT sharing_profile_id - FROM guacamole_sharing_profile - WHERE - primary_connection_id = #{primaryConnectionIdentifier,jdbcType=INTEGER}::integer - </select> - - <!-- Select identifiers of all readable sharing profiles associated with a particular connection --> - <select id="selectReadableIdentifiersWithin" resultType="string"> - SELECT guacamole_sharing_profile.sharing_profile_id - FROM guacamole_sharing_profile - JOIN guacamole_sharing_profile_permission ON guacamole_sharing_profile_permission.sharing_profile_id = guacamole_sharing_profile.sharing_profile_id - WHERE - primary_connection_id = #{primaryConnectionIdentifier,jdbcType=INTEGER}::integer - AND user_id = #{user.objectID,jdbcType=INTEGER} - AND permission = 'READ' - </select> - <!-- Select multiple sharing profiles by identifier --> <select id="select" resultMap="SharingProfileResultMap">
