henning     2003/01/12 14:42:14

  Modified:    src/java/org/apache/turbine/services/security/db
                        DBSecurityService.java DBUserManager.java
  Log:
  - Next round of style and doc fixes from our internal CVS
  
  - Add checks to addGroup/addRole/addPermission/createUser to
    prevent the accidential creation of empty objects
  
  - change the method to save an user in store() and createAccount
    to match the Fulcrum code.
  
  Revision  Changes    Path
  1.13      +97 -73    
jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBSecurityService.java
  
  Index: DBSecurityService.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBSecurityService.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- DBSecurityService.java    12 Jan 2003 15:11:04 -0000      1.12
  +++ DBSecurityService.java    12 Jan 2003 22:42:14 -0000      1.13
  @@ -59,6 +59,10 @@
   import java.util.Iterator;
   import java.util.List;
   import java.util.Vector;
  +import org.apache.commons.configuration.Configuration;
  +import org.apache.commons.lang.StringUtils;
  +import org.apache.commons.logging.Log;
  +import org.apache.commons.logging.LogFactory;
   import org.apache.torque.om.BaseObject;
   import org.apache.torque.om.NumberKey;
   import org.apache.torque.util.Criteria;
  @@ -78,9 +82,6 @@
   import org.apache.turbine.om.security.peer.UserPeer;
   import org.apache.turbine.services.security.BaseSecurityService;
   import org.apache.turbine.services.security.TurbineSecurity;
  -import org.apache.commons.configuration.Configuration;
  -import org.apache.commons.logging.Log;
  -import org.apache.commons.logging.LogFactory;
   import org.apache.turbine.util.security.AccessControlList;
   import org.apache.turbine.util.security.DataBackendException;
   import org.apache.turbine.util.security.EntityExistsException;
  @@ -93,11 +94,12 @@
    * An implementation of SecurityService that uses a database as backend.
    *
    * @author <a href="mailto:[EMAIL PROTECTED]";>Rafal Krzewski</a>
  - * @author <a href="mailto:[EMAIL PROTECTED]";>Marco Kn&uuml;ttel</a>
    * @author <a href="mailto:[EMAIL PROTECTED]";>Henning P. Schmiedehausen</a>
  + * @author <a href="mailto:[EMAIL PROTECTED]";>Marco Kn&uuml;ttel</a>
    * @version $Id$
    */
  -public class DBSecurityService extends BaseSecurityService
  +public class DBSecurityService
  +    extends BaseSecurityService
   {
       /** Logging */
       private static Log log = LogFactory.getLog(DBSecurityService.class);
  @@ -151,7 +153,7 @@
               // construct the snapshot:
   
               // foreach group in the system
  -            for (Iterator groupsIterator = getAllGroups().elements(); 
  +            for (Iterator groupsIterator = getAllGroups().elements();
                    groupsIterator.hasNext();)
               {
                   Group group = (Group) groupsIterator.next();
  @@ -168,7 +170,7 @@
                       Role role = (Role) rolesIterator.next();
                       // get permissions of the role
                       PermissionSet rolePermissions
  -                            = PermissionPeer.retrieveSet(role);
  +                        = PermissionPeer.retrieveSet(role);
                       groupPermissions.add(rolePermissions);
                   }
                   // put the Set into permissions(group)
  @@ -219,11 +221,11 @@
               {
                   Criteria criteria = new Criteria();
                   criteria.add(UserGroupRolePeer.USER_ID,
  -                        ((BaseObject) user).getPrimaryKey());
  +                             ((BaseObject) user).getPrimaryKey());
                   criteria.add(UserGroupRolePeer.GROUP_ID,
  -                        ((BaseObject) group).getPrimaryKey());
  +                             ((BaseObject) group).getPrimaryKey());
                   criteria.add(UserGroupRolePeer.ROLE_ID,
  -                        ((TurbineRole) role).getPrimaryKey());
  +                             ((TurbineRole) role).getPrimaryKey());
                   UserGroupRolePeer.doInsert(criteria);
                   return;
               }
  @@ -239,17 +241,17 @@
           if (!userExists)
           {
               throw new UnknownEntityException("Unknown user '"
  -                    + user.getUserName() + "'");
  +                                             + user.getUserName() + "'");
           }
           if (!groupExists)
           {
               throw new UnknownEntityException("Unknown group '"
  -                    + ((SecurityObject) group).getName() + "'");
  +                                             + group.getName() + "'");
           }
           if (!roleExists)
           {
               throw new UnknownEntityException("Unknown role '"
  -                    + role.getName() + "'");
  +                                             + role.getName() + "'");
           }
       }
   
  @@ -280,11 +282,11 @@
               {
                   Criteria criteria = new Criteria();
                   criteria.add(UserGroupRolePeer.USER_ID,
  -                        ((BaseObject) user).getPrimaryKey());
  +                             ((BaseObject) user).getPrimaryKey());
                   criteria.add(UserGroupRolePeer.GROUP_ID,
  -                        ((BaseObject) group).getPrimaryKey());
  +                             ((BaseObject) group).getPrimaryKey());
                   criteria.add(UserGroupRolePeer.ROLE_ID,
  -                        ((TurbineRole) role).getPrimaryKey());
  +                             ((TurbineRole) role).getPrimaryKey());
                   UserGroupRolePeer.doDelete(criteria);
                   return;
               }
  @@ -300,19 +302,19 @@
           if (!userExists)
           {
               throw new UnknownEntityException("Unknown user '"
  -                    + user.getUserName() + "'");
  +                                             + user.getUserName() + "'");
           }
           if (!groupExists)
           {
               throw new UnknownEntityException("Unknown group '"
  -                    + ((SecurityObject) group).getName() + "'");
  +                                             + group.getName() + "'");
           }
           if (!roleExists)
           {
               throw new UnknownEntityException("Unknown role '"
  -                    + role.getName() + "'");
  +                                             + role.getName() + "'");
           }
  -     }
  +    }
   
       /**
        * Revokes all roles from an User.
  @@ -344,9 +346,9 @@
                   //         ((BaseObject) user).getPrimaryKey());
                   // UserGroupRolePeer.doDelete(criteria);
                   int id = ((NumberKey) ((BaseObject) user)
  -                        .getPrimaryKey()).intValue();
  +                          .getPrimaryKey()).intValue();
                   UserGroupRolePeer.deleteAll(UserGroupRolePeer.TABLE_NAME,
  -                        UserGroupRolePeer.USER_ID, id);
  +                                            UserGroupRolePeer.USER_ID, id);
                   return;
               }
           }
  @@ -359,7 +361,7 @@
               unlockExclusive();
           }
           throw new UnknownEntityException("Unknown user '"
  -                + user.getUserName() + "'");
  +                                         + user.getUserName() + "'");
       }
   
       /**
  @@ -385,9 +387,9 @@
               {
                   Criteria criteria = new Criteria();
                   criteria.add(RolePermissionPeer.ROLE_ID,
  -                        ((TurbineRole) role).getPrimaryKey());
  +                             ((TurbineRole) role).getPrimaryKey());
                   criteria.add(RolePermissionPeer.PERMISSION_ID,
  -                        ((BaseObject) permission).getPrimaryKey());
  +                             ((BaseObject) permission).getPrimaryKey());
                   UserGroupRolePeer.doInsert(criteria);
                   return;
               }
  @@ -403,12 +405,12 @@
           if (!roleExists)
           {
               throw new UnknownEntityException("Unknown role '"
  -                    + role.getName() + "'");
  +                                             + role.getName() + "'");
           }
           if (!permissionExists)
           {
               throw new UnknownEntityException("Unknown permission '"
  -                    + ((SecurityObject) permission).getName() + "'");
  +                                             + permission.getName() + "'");
           }
       }
   
  @@ -435,9 +437,9 @@
               {
                   Criteria criteria = new Criteria();
                   criteria.add(RolePermissionPeer.ROLE_ID,
  -                        ((TurbineRole) role).getPrimaryKey());
  +                             ((TurbineRole) role).getPrimaryKey());
                   criteria.add(RolePermissionPeer.PERMISSION_ID,
  -                        ((BaseObject) permission).getPrimaryKey());
  +                             ((BaseObject) permission).getPrimaryKey());
                   RolePermissionPeer.doDelete(criteria);
                   return;
               }
  @@ -453,12 +455,12 @@
           if (!roleExists)
           {
               throw new UnknownEntityException("Unknown role '"
  -                    + role.getName() + "'");
  +                                             + role.getName() + "'");
           }
           if (!permissionExists)
           {
               throw new UnknownEntityException("Unknown permission '"
  -                    + ((SecurityObject) permission).getName() + "'");
  +                                             + permission.getName() + "'");
           }
       }
   
  @@ -491,9 +493,9 @@
                   // RolePermissionPeer.doDelete(criteria);
   
                   int id = ((NumberKey) ((TurbineRole) role)
  -                        .getPrimaryKey()).intValue();
  +                          .getPrimaryKey()).intValue();
                   RolePermissionPeer.deleteAll(RolePermissionPeer.TABLE_NAME,
  -                        RolePermissionPeer.ROLE_ID, id);
  +                                             RolePermissionPeer.ROLE_ID, id);
                   return;
               }
           }
  @@ -506,8 +508,8 @@
               unlockExclusive();
           }
           throw new UnknownEntityException("Unknown role '"
  -                + role.getName() + "'");
  -     }
  +                                         + role.getName() + "'");
  +    }
   
       /*-----------------------------------------------------------------------
         Group/Role/Permission management
  @@ -516,7 +518,7 @@
       /**
        * Retrieve a set of Groups that meet the specified Criteria.
        *
  -     * @param criteria Criteria of Group selection.
  +     * @param criteria A Criteria of Group selection.
        * @return a set of Groups that meet the specified Criteria.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
  @@ -546,7 +548,7 @@
       /**
        * Retrieve a set of Roles that meet the specified Criteria.
        *
  -     * @param criteria Criteria of Roles selection.
  +     * @param criteria A Criteria of Roles selection.
        * @return a set of Roles that meet the specified Criteria.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
  @@ -576,7 +578,7 @@
       /**
        * Retrieve a set of Permissions that meet the specified Criteria.
        *
  -     * @param criteria Criteria of Permissions selection.
  +     * @param criteria A Criteria of Permissions selection.
        * @return a set of Permissions that meet the specified Criteria.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
  @@ -590,7 +592,7 @@
           {
               String key = (String) keys.next();
               dbCriteria.put(PermissionPeer.getColumnName(key),
  -                    criteria.get(key));
  +                           criteria.get(key));
           }
           List permissions = new Vector(0);
           try
  @@ -600,7 +602,7 @@
           catch (Exception e)
           {
               throw new DataBackendException(
  -                    "getPermissions(Criteria) failed", e);
  +                "getPermissions(Criteria) failed", e);
           }
           return new PermissionSet(permissions);
       }
  @@ -609,7 +611,7 @@
        * Retrieves all permissions associated with a role.
        *
        * @param role the role name, for which the permissions are to be retrieved.
  -     * @return the Permissions
  +     * @return A Permission set for the Role.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
        * @throws UnknownEntityException if the role is not present.
  @@ -636,7 +638,7 @@
               unlockShared();
           }
           throw new UnknownEntityException("Unknown role '"
  -                + role.getName() + "'");
  +                                         + role.getName() + "'");
       }
   
       /**
  @@ -723,10 +725,10 @@
           catch (Exception e)
           {
               throw new DataBackendException(
  -                    "savePermission(Permission) failed", e);
  +                "savePermission(Permission) failed", e);
           }
           throw new UnknownEntityException("Unknown permission '"
  -                + permission + "'");
  +                                         + permission + "'");
       }
   
       /**
  @@ -778,9 +780,17 @@
        * @throws EntityExistsException if the group already exists.
        */
       public synchronized Group addGroup(Group group)
  -        throws DataBackendException, EntityExistsException
  +        throws DataBackendException,
  +               EntityExistsException
       {
           boolean groupExists = false;
  +
  +        if (StringUtils.isEmpty(group.getName()))
  +        {
  +            throw new DataBackendException("Could not create "
  +                                           + "a group with empty name!");
  +        }
  +
           try
           {
               lockExclusive();
  @@ -793,13 +803,13 @@
                   // try to get the object back using the name as key.
                   criteria = new Criteria();
                   criteria.add(GroupPeer.NAME,
  -                        ((SecurityObject) group).getName());
  +                             group.getName());
                   List results = GroupPeer.doSelect(criteria);
                   if (results.size() != 1)
                   {
                       throw new DataBackendException(
  -                            "Internal error - query returned "
  -                            + results.size() + " rows");
  +                        "Internal error - query returned "
  +                        + results.size() + " rows");
                   }
                   Group newGroup = (Group) results.get(0);
                   // add the group to system-wide cache
  @@ -834,6 +844,13 @@
           throws DataBackendException, EntityExistsException
       {
           boolean roleExists = false;
  +
  +        if (StringUtils.isEmpty(role.getName()))
  +        {
  +            throw new DataBackendException("Could not create "
  +                                           + "a role with empty name!");
  +        }
  +
           try
           {
               lockExclusive();
  @@ -850,8 +867,8 @@
                   if (results.size() != 1)
                   {
                       throw new DataBackendException(
  -                            "Internal error - query returned "
  -                            + results.size() + " rows");
  +                        "Internal error - query returned "
  +                        + results.size() + " rows");
                   }
                   Role newRole = (Role) results.get(0);
                   // add the role to system-wide cache
  @@ -886,6 +903,13 @@
           throws DataBackendException, EntityExistsException
       {
           boolean permissionExists = false;
  +
  +        if (StringUtils.isEmpty(permission.getName()))
  +        {
  +            throw new DataBackendException("Could not create "
  +                                           + "a permission with empty name!");
  +        }
  +
           try
           {
               lockExclusive();
  @@ -898,13 +922,13 @@
                   // try to get the object back using the name as key.
                   criteria = new Criteria();
                   criteria.add(PermissionPeer.NAME,
  -                        ((SecurityObject) permission).getName());
  +                             permission.getName());
                   List results = PermissionPeer.doSelect(criteria);
                   if (results.size() != 1)
                   {
                       throw new DataBackendException(
  -                            "Internal error - query returned "
  -                            + results.size() + " rows");
  +                        "Internal error - query returned "
  +                        + results.size() + " rows");
                   }
                   Permission newPermission = (Permission) results.get(0);
                   // add the permission to system-wide cache
  @@ -916,7 +940,7 @@
           catch (Exception e)
           {
               throw new DataBackendException(
  -                    "addPermission(Permission) failed", e);
  +                "addPermission(Permission) failed", e);
           }
           finally
           {
  @@ -925,13 +949,13 @@
           // the only way we could get here without return/throw tirggered
           // is that the permissionExists was true.
           throw new EntityExistsException("Permission '" + permission
  -                + "' already exists");
  +                                        + "' already exists");
       }
   
       /**
        * Removes a Group from the system.
        *
  -     * @param group object describing group to be removed.
  +     * @param group The object describing the group to be removed.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
        * @throws UnknownEntityException if the group does not exist.
  @@ -968,7 +992,7 @@
       /**
        * Removes a Role from the system.
        *
  -     * @param role object describing role to be removed.
  +     * @param role The object describing the role to be removed.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
        * @throws UnknownEntityException if the role does not exist.
  @@ -1005,7 +1029,7 @@
       /**
        * Removes a Permission from the system.
        *
  -     * @param permission object describing permission to be removed.
  +     * @param permission The object describing the permission to be removed.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
        * @throws UnknownEntityException if the permission does not exist.
  @@ -1035,13 +1059,13 @@
               unlockExclusive();
           }
           throw new UnknownEntityException("Unknown permission '"
  -                + permission + "'");
  +                                         + permission + "'");
       }
   
       /**
        * Renames an existing Group.
        *
  -     * @param group object describing the group to be renamed.
  +     * @param group The object describing the group to be renamed.
        * @param name the new name for the group.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
  @@ -1057,7 +1081,7 @@
               groupExists = checkExists(group);
               if (groupExists)
               {
  -                ((SecurityObject) group).setName(name);
  +                group.setName(name);
                   Criteria criteria = GroupPeer.buildCriteria(group);
                   GroupPeer.doUpdate(criteria);
                   return;
  @@ -1077,7 +1101,7 @@
       /**
        * Renames an existing Role.
        *
  -     * @param role object describing the role to be renamed.
  +     * @param role The object describing the role to be renamed.
        * @param name the new name for the role.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
  @@ -1113,15 +1137,15 @@
       /**
        * Renames an existing Permission.
        *
  -     * @param permission object describing the permission to be renamed.
  +     * @param permission The object describing the permission to be renamed.
        * @param name the new name for the permission.
        * @throws DataBackendException if there was an error accessing the data
        *         backend.
        * @throws UnknownEntityException if the permission does not exist.
        */
       public synchronized void renamePermission(Permission permission,
  -            String name)
  -            throws DataBackendException, UnknownEntityException
  +                                              String name)
  +        throws DataBackendException, UnknownEntityException
       {
           boolean permissionExists = false;
           try
  @@ -1130,7 +1154,7 @@
               permissionExists = checkExists(permission);
               if (permissionExists)
               {
  -                ((SecurityObject) permission).setName(name);
  +                permission.setName(name);
                   Criteria criteria = PermissionPeer.buildCriteria(permission);
                   PermissionPeer.doUpdate(criteria);
                   return;
  @@ -1139,14 +1163,14 @@
           catch (Exception e)
           {
               throw new DataBackendException(
  -                    "renamePermission(Permission,name)", e);
  +                "renamePermission(Permission,name)", e);
           }
           finally
           {
               unlockExclusive();
           }
           throw new UnknownEntityException("Unknown permission '"
  -                + permission + "'");
  +                                         + permission + "'");
       }
   
       /* Service specific implementation methods */
  @@ -1162,7 +1186,7 @@
       public Class getUserPeerClass() throws UnknownEntityException
       {
           String userPeerClassName = getConfiguration().getString(
  -                USER_PEER_CLASS_KEY, USER_PEER_CLASS_DEFAULT);
  +            USER_PEER_CLASS_KEY, USER_PEER_CLASS_DEFAULT);
           try
           {
               return Class.forName(userPeerClassName);
  @@ -1206,7 +1230,7 @@
        * @return true if the group exists in the system, false otherwise
        * @throws DataBackendException when more than one Group with
        *         the same name exists.
  -     * @throws Exception a generic exception.
  +     * @throws Exception A generic exception.
        */
       protected boolean checkExists(Group group)
           throws DataBackendException, Exception
  @@ -1221,7 +1245,7 @@
        * @return true if the role exists in the system, false otherwise
        * @throws DataBackendException when more than one Role with
        *         the same name exists.
  -     * @throws Exception a generic exception.
  +     * @throws Exception A generic exception.
        */
       protected boolean checkExists(Role role)
           throws DataBackendException, Exception
  @@ -1236,7 +1260,7 @@
        * @return true if the permission exists in the system, false otherwise
        * @throws DataBackendException when more than one Permission with
        *         the same name exists.
  -     * @throws Exception a generic exception.
  +     * @throws Exception A generic exception.
        */
       protected boolean checkExists(Permission permission)
           throws DataBackendException, Exception
  
  
  
  1.7       +24 -8     
jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBUserManager.java
  
  Index: DBUserManager.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBUserManager.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- DBUserManager.java        12 Jan 2003 16:29:25 -0000      1.6
  +++ DBUserManager.java        12 Jan 2003 22:42:14 -0000      1.7
  @@ -57,6 +57,7 @@
   import java.util.ArrayList;
   import java.util.Iterator;
   import java.util.List;
  +import org.apache.commons.lang.StringUtils;
   import org.apache.commons.logging.Log;
   import org.apache.commons.logging.LogFactory;
   import org.apache.torque.om.BaseObject;
  @@ -270,10 +271,16 @@
               throw new UnknownEntityException("The account '" +
                                                user.getUserName() + "' does not 
exist");
           }
  -        Criteria criteria = TurbineUserPeer.buildCriteria(user);
  +
           try
           {
  -            TurbineUserPeer.doUpdate(criteria);
  +            // this is to mimic the old behavior of the method, the user 
  +            // should be new that is passed to this method.  It would be
  +            // better if this was checked, but the original code did not
  +            // care about the user's state, so we set it to be appropriate
  +            ((BaseObject) user).setNew(false);
  +            ((BaseObject) user).setModified(true);
  +            ((BaseObject) user).save();
           }
           catch (Exception e)
           {
  @@ -400,19 +407,28 @@
       public void createAccount(User user, String initialPassword)
           throws EntityExistsException, DataBackendException
       {
  +        if(StringUtils.isEmpty(user.getUserName()))
  +        {
  +            throw new DataBackendException("Could not create "
  +                                           + "an user with empty name!");
  +        }
  +
           if (accountExists(user))
           {
               throw new EntityExistsException("The account '" +
                                               user.getUserName() + "' already 
exists");
           }
           user.setPassword(TurbineSecurity.encryptPassword(initialPassword));
  -        Criteria criteria = TurbineUserPeer.buildCriteria(user);
  +
           try
           {
  -            // we can safely assume that BaseObject derivate is used as User
  -            // implementation with this UserManager
  -            ((BaseObject) user).setPrimaryKey(
  -                TurbineUserPeer.doInsert(criteria));
  +            // this is to mimic the old behavior of the method, the user 
  +            // should be new that is passed to this method.  It would be
  +            // better if this was checked, but the original code did not
  +            // care about the user's state, so we set it to be appropriate
  +            ((BaseObject) user).setNew(true);
  +            ((BaseObject) user).setModified(true);
  +            ((BaseObject) user).save();
           }
           catch (Exception e)
           {
  
  
  

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to