quintonm 2003/01/22 07:21:39
Modified: src/java/org/apache/turbine/services/security
BaseSecurityService.java SecurityService.java
TurbineSecurity.java UserManager.java
src/java/org/apache/turbine/services/security/db
DBUserManager.java
src/java/org/apache/turbine/services/security/ldap
LDAPUserManager.java
src/java/org/apache/turbine/services/security/passive
PassiveUserManager.java
Log:
Fix to TTWS30:TURBINE_USER is updated on when the session is unbound causing changes
to be lost
- A new method called saveOnSessionUnbind() bas been implemnented in the secuerity
service. This
will be called by the TurbineUSer object when it is unbound from the session
instead of TurbineSecurity.save(). This new method will save the last_login
field and the contents of the OBJECT_DATA column.
Revision Changes Path
1.16 +19 -1
jakarta-turbine-2/src/java/org/apache/turbine/services/security/BaseSecurityService.java
Index: BaseSecurityService.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/BaseSecurityService.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- BaseSecurityService.java 13 Jan 2003 21:14:29 -0000 1.15
+++ BaseSecurityService.java 22 Jan 2003 15:21:38 -0000 1.16
@@ -776,6 +776,24 @@
}
/**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ userManager.saveOnSessionUnbind( user );
+ }
+
+ /**
* Creates new user account with specified attributes.
*
* @param user the object describing account to be created.
1.11 +16 -1
jakarta-turbine-2/src/java/org/apache/turbine/services/security/SecurityService.java
Index: SecurityService.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/SecurityService.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- SecurityService.java 13 Jan 2003 00:13:22 -0000 1.10
+++ SecurityService.java 22 Jan 2003 15:21:39 -0000 1.11
@@ -468,6 +468,21 @@
void saveUser(User user)
throws UnknownEntityException, DataBackendException;
+ /**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException;
+
/*-----------------------------------------------------------------------
Account management
-----------------------------------------------------------------------*/
1.7 +19 -1
jakarta-turbine-2/src/java/org/apache/turbine/services/security/TurbineSecurity.java
Index: TurbineSecurity.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/TurbineSecurity.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- TurbineSecurity.java 12 Jan 2003 16:29:25 -0000 1.6
+++ TurbineSecurity.java 22 Jan 2003 15:21:39 -0000 1.7
@@ -299,6 +299,24 @@
}
/**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public static void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ getService().saveOnSessionUnbind( user );
+ }
+
+ /**
* Change the password for an User.
*
* @param user an User to change password for.
1.6 +16 -1
jakarta-turbine-2/src/java/org/apache/turbine/services/security/UserManager.java
Index: UserManager.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/UserManager.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- UserManager.java 12 Jan 2003 12:33:11 -0000 1.5
+++ UserManager.java 22 Jan 2003 15:21:39 -0000 1.6
@@ -164,6 +164,21 @@
throws UnknownEntityException, DataBackendException;
/**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException;
+
+ /**
* Authenticate an User with the specified password. If authentication
* is successful the method returns nothing. If there are any problems,
* exception was thrown.
1.8 +67 -6
jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBUserManager.java
Index: DBUserManager.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/db/DBUserManager.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- DBUserManager.java 12 Jan 2003 22:42:14 -0000 1.7
+++ DBUserManager.java 22 Jan 2003 15:21:39 -0000 1.8
@@ -57,10 +57,13 @@
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
+import java.util.Hashtable;
+
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.torque.om.BaseObject;
+import org.apache.torque.om.Persistent;
import org.apache.torque.util.Criteria;
import org.apache.turbine.om.security.User;
import org.apache.turbine.om.security.peer.TurbineUserPeer;
@@ -78,17 +81,18 @@
*
* This implementation uses a relational database for storing user data. It
* expects that the User interface implementation will be castable to
- * {@link org.apache.turbine.om.BaseObject}.
+ * {@link org.apache.torque.om.BaseObject}.
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Jon S. Stevens</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>John D. McNally</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Frank Y. Kim</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Craig D. Berry</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Rafal Krzewski</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]";>Quinton McCombs</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Henning P. Schmiedehausen</a>
* @version $Id$
*/
-public class DBUserManager
+public class DBUserManager
implements UserManager
{
/** Logging */
@@ -274,7 +278,7 @@
try
{
- // this is to mimic the old behavior of the method, the user
+ // this is to mimic the old behavior of the method, the user
// should be new that is passed to this method. It would be
// better if this was checked, but the original code did not
// care about the user's state, so we set it to be appropriate
@@ -289,6 +293,63 @@
}
/**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ if( !user.hasLoggedIn() )
+ {
+ return;
+ }
+
+ if(!accountExists(user))
+ {
+ throw new UnknownEntityException("The account '" +
+ user.getUserName() + "' does not exist");
+ }
+ Criteria crit = new Criteria();
+ if (!((Persistent) user).isNew())
+ {
+ crit.add(TurbineUserPeer.USER_ID, ((Persistent) user).getPrimaryKey());
+ }
+
+ Hashtable permStorage = (Hashtable) user.getPermStorage().clone();
+ crit.add(TurbineUserPeer.LAST_LOGIN,
permStorage.remove(TurbineUserPeer.LAST_LOGIN));
+
+ // The OBJECT_DATA column only stores data not mapped to a column. We must
+ // remove all of the extra data and serialize the rest. Access Counter
+ // is not mapped to a column so it will be serialized into OBJECT_DATA.
+ for (int i = 1; i < TurbineUserPeer.columnNames.length; i++)
+ {
+ if (permStorage.containsKey(TurbineUserPeer.columnNames[i]))
+ {
+ permStorage.remove(TurbineUserPeer.columnNames[i]);
+ }
+ }
+ crit.add(TurbineUserPeer.OBJECT_DATA, permStorage);
+
+ try
+ {
+ TurbineUserPeer.doUpdate(crit);
+ }
+ catch(Exception e)
+ {
+ throw new DataBackendException("Failed to save user object", e);
+ }
+
+ }
+
+ /**
* Authenticate an User with the specified password. If authentication
* is successful the method returns nothing. If there are any problems,
* exception was thrown.
@@ -317,7 +378,7 @@
/*
* Unix crypt needs the existing, encrypted password text as
- * salt for checking the supplied password. So we supply it
+ * salt for checking the supplied password. So we supply it
* into the checkPassword routine
*/
@@ -422,7 +483,7 @@
try
{
- // this is to mimic the old behavior of the method, the user
+ // this is to mimic the old behavior of the method, the user
// should be new that is passed to this method. It would be
// better if this was checked, but the original code did not
// care about the user's state, so we set it to be appropriate
1.7 +26 -4
jakarta-turbine-2/src/java/org/apache/turbine/services/security/ldap/LDAPUserManager.java
Index: LDAPUserManager.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/ldap/LDAPUserManager.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- LDAPUserManager.java 13 Jan 2003 20:09:45 -0000 1.6
+++ LDAPUserManager.java 22 Jan 2003 15:21:39 -0000 1.7
@@ -78,9 +78,7 @@
* object related tasks on behalf of the
* {@link org.apache.turbine.services.security.SecurityService}.
*
- * This implementation uses ldap for retrieving user data. It
- * expects that the User interface implementation will be castable to
- * {@link org.apache.turbine.om.BaseObject}.
+ * This implementation uses ldap for retrieving user data.
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Jon S. Stevens</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>John D. McNally</a>
@@ -308,6 +306,30 @@
catch (NamingException ex)
{
throw new DataBackendException("NamingException caught", ex);
+ }
+ }
+
+ /**
+ * This method is not yet implemented.
+ *
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ if(!accountExists(user))
+ {
+ throw new UnknownEntityException("The account '" +
+ user.getUserName() + "' does not exist");
}
}
1.4 +19 -1
jakarta-turbine-2/src/java/org/apache/turbine/services/security/passive/PassiveUserManager.java
Index: PassiveUserManager.java
===================================================================
RCS file:
/home/cvs/jakarta-turbine-2/src/java/org/apache/turbine/services/security/passive/PassiveUserManager.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PassiveUserManager.java 12 Jan 2003 12:33:12 -0000 1.3
+++ PassiveUserManager.java 22 Jan 2003 15:21:39 -0000 1.4
@@ -184,6 +184,24 @@
}
/**
+ * Saves User data when the session is unbound. The user account is required
+ * to exist in the storage.
+ *
+ * LastLogin, AccessCounter, persistent pull tools, and any data stored
+ * in the permData hashtable that is not mapped to a column will be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveOnSessionUnbind( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ throw new DataBackendException("PassiveUserManager does not support saving
user data");
+ }
+
+ /**
* Authenticate an User with the specified password. If authentication
* is successful the method returns nothing. If there are any problems,
* exception was thrown.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
