
The Authorization Service: now the data manager

13 March 2008

Last time, we laid out the properties of the Authorization object that we will be using for the Authorization service. This time, we’ll take a look at the DataManager class that will contain all of the methods used to persist this data:

package org.restafarian.authorization.data.managers;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.restafarian.authorization.beans.Authorization;
import org.restafarian.core.beans.Person;

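/**
 * <p>Authorization manager: static data-access methods that persist
 * <code>Authorization</code> records and the <code>Person</code> records
 * they reference, through the JNDI <code>DataSource</code>
 * <code>java:comp/env/jdbc/authorization</code>.</p>
 *
 * <p>Every caller-supplied value reaches the database as a bound
 * <code>PreparedStatement</code> parameter and is never concatenated into
 * the SQL text. These tables decide who may do what, so a lookup whose
 * meaning could be altered by its own input would undermine every check
 * built on top of it.</p>
 *
 * <p>SQL failures are logged and reported through the return value
 * (<code>null</code>, an empty list, <code>-1</code> or <code>false</code>);
 * they are not rethrown. A caller that makes an access decision should
 * therefore treat <code>null</code> from a lookup as "not authorized".</p>
 *
 * <p>NOTE(review): user ids are lower-cased when written and when read back
 * from <code>authorization.userId</code>, but <code>activatedBy</code> /
 * <code>deactivatedBy</code> ids and the id passed to
 * {@link #getUser(String)} are used as given. Confirm that the database
 * compares these columns case-insensitively.</p>
 */
public class AuthorizationManager {
  /** JNDI name of the authorization <code>DataSource</code>. */
  private static final String DATA_SOURCE_NAME =
      "java:comp/env/jdbc/authorization";

  /**
   * Keys accepted in the <code>ids</code> maps. Each key is also the name of
   * the matching column of the <code>authorization</code> table, which is why
   * it may be appended to SQL text: these are compile-time constants, never
   * caller input.
   */
  private static final String[] FILTER_KEYS = {
    "context", "object", "method", "qualifier", "userId"
  };

  /** Column list and joins shared by every Authorization select. */
  private static final String SELECT_AUTHORIZATION =
      " select\n"
      + "    a.id,\n"
      + "    a.active,\n"
      + "    a.context,\n"
      + "    a.object,\n"
      + "    a.method,\n"
      + "    a.qualifier,\n"
      + "    a.userId,\n"
      + "    b.name as userName,\n"
      + "    b.uri as userUri,\n"
      + "    a.activationDate,\n"
      + "    a.activatedBy,\n"
      + "    c.name as activatedByName,\n"
      + "    c.uri as activatedByUri,\n"
      + "    a.deactivationDate,\n"
      + "    a.deactivatedBy,\n"
      + "    d.name as deactivatedByName,\n"
      + "    d.uri as deactivatedByUri\n"
      + " from\n"
      + "    authorization a\n"
      + "    left outer join user b on a.userId = b.id\n"
      + "    left outer join user c on a.activatedBy = c.id\n"
      + "    left outer join user d on a.deactivatedBy = d.id\n"
      + " where\n";

  /** Sort order applied by {@link #query(Map)}. */
  private static final String ORDER_BY_IDENTITY =
      "\n"
      + " order by\n"
      + "    a.context,\n"
      + "    a.object,\n"
      + "    a.method,\n"
      + "    a.qualifier,\n"
      + "    a.userId";

  private static final String INSERT_AUTHORIZATION =
      "insert into authorization (active, context, object, method, "
      + "qualifier, userId, activationDate, activatedBy, deactivationDate, "
      + "deactivatedBy) values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

  private static final String UPDATE_AUTHORIZATION =
      "update authorization set active=?, context=?, object=?, method=?, "
      + "qualifier=?, userId=?, activationDate=?, activatedBy=?, "
      + "deactivationDate=?, deactivatedBy=? where id=?";

  private static Log log = LogFactory.getLog(AuthorizationManager.class);
  private static DataSource dataSource = getDataSource();

  /**
   * <p>Checks to see if an authorization is on file, and if not,
   * adds it. Nothing happens unless context, object, method, qualifier
   * and user id are all non-blank.</p>
   *
   * <p>Three properties of this check matter to callers:</p>
   * <ul>
   * <li>The lookup and the insert run in separate transactions, so two
   * concurrent callers can both insert the same authorization. Only a
   * unique constraint in the database prevents that (NOTE(review): confirm
   * the schema has one).</li>
   * <li>The lookup only sees rows with <code>active = 1</code>. A
   * deactivated authorization with the same values is not found, and a
   * new row is inserted with whatever <code>isActive()</code> says.</li>
   * <li>A value of <code>*</code> passes the blank check but is treated by
   * the lookup as "match anything", so any active row that matches the
   * remaining values counts as already on file.</li>
   * </ul>
   *
   * @param authorization the authorization to verify
   */
  public static void verifyAuthorization(Authorization authorization) {
    String userId = null;
    if (authorization.getUser() != null) {
      userId = authorization.getUser().getId();
    }
    Map ids = new HashMap();
    ids.put("context", authorization.getContext());
    ids.put("object", authorization.getObject());
    ids.put("method", authorization.getMethod());
    ids.put("qualifier", authorization.getQualifier());
    ids.put("userId", userId);
    for (int i = 0; i < FILTER_KEYS.length; i++) {
      if (isBlank((String) ids.get(FILTER_KEYS[i]))) {
        return;
      }
    }
    if (getAuthorization(ids) == null) {
      insertAuthorization(authorization);
    }
  }

  /**
   * <p>Handles a get request for a single Authorization.</p>
   *
   * @param id the id of the requested record
   * @return the requested Authorization, or <code>null</code> if there is
   *         no such record or the query failed
   */
  public static Authorization getAuthorization(int id) {
    String sql = SELECT_AUTHORIZATION + "    a.id = ?";
    Object[] params = { Integer.valueOf(id) };
    return firstOrNull(fetchAuthorizations(sql, params, true));
  }

  /**
   * <p>Handles a get request for a single Authorization.</p>
   *
   * <p>Only active records are considered. A key that is missing, empty or
   * <code>*</code> is not used as a filter; the other values are compared
   * exactly as given (they are not trimmed). If several records match, the
   * first one the database returns is used.</p>
   *
   * @param ids a Map containing the ids of the requested record, keyed by
   *        <code>context</code>, <code>object</code>, <code>method</code>,
   *        <code>qualifier</code> and <code>userId</code>
   * @return the requested Authorization, or <code>null</code> if there is
   *         no such record or the query failed
   */
  public static Authorization getAuthorization(Map ids) {
    List params = new ArrayList();
    String sql = buildFilteredSelect(ids, false, params);
    return firstOrNull(fetchAuthorizations(sql, params.toArray(), true));
  }

  /**
   * <p>Handles an Authorization query.</p>
   *
   * <p>Only active records are returned, ordered by context, object,
   * method, qualifier and user id. Values are trimmed; a key that is
   * missing, empty or <code>*</code> is not used as a filter, so an empty
   * map returns every active authorization.</p>
   *
   * @param ids a Map of filter values, keyed like the one accepted by
   *        {@link #getAuthorization(Map)}
   * @return the list of Authorizations; empty if nothing matches or the
   *         query failed
   */
  public static List query(Map ids) {
    List params = new ArrayList();
    String sql = buildFilteredSelect(ids, true, params) + ORDER_BY_IDENTITY;
    return fetchAuthorizations(sql, params.toArray(), false);
  }

  /**
   * <p>Inserts a new Authorization into the database.</p>
   *
   * <p>The referenced people are put on file first, each in its own
   * transaction. The insert and the read of the generated id share one
   * transaction that is rolled back if either step fails.</p>
   *
   * @param authorization the Authorization to add
   * @return the id of the new Authorization, or <code>-1</code> if the
   *         authorization has no user or the insert failed
   */
  public static int insertAuthorization(Authorization authorization) {
    int id = -1;

    if (authorization.getUser() == null) {
      log.error("Cannot insert an authorization that has no user");
      return id;
    }
    verifyPeople(authorization);

    Connection conn = null;
    PreparedStatement ps = null;
    Statement stmt = null;
    ResultSet rs = null;
    String qs = INSERT_AUTHORIZATION;
    try {
      conn = openConnection();
      ps = conn.prepareStatement(qs);
      bindAuthorization(ps, authorization);
      ps.execute();
      // Vendor-specific way to read the generated key; it has to run on the
      // connection that performed the insert.
      qs = "select @@IDENTITY";
      stmt = conn.createStatement();
      rs = stmt.executeQuery(qs);
      if (rs.next()) {
        id = rs.getInt(1);
      }
      conn.commit();
    } catch (SQLException e) {
      logFailure(qs, e);
      // nothing was committed, so do not hand back an id for a row that
      // will not exist
      id = -1;
    } finally {
      release(rs, stmt, null);
      release(null, ps, conn);
    }

    return id;
  }

  /**
   * <p>Updates an existing Authorization.</p>
   *
   * @param authorization the Authorization to update
   * @return true if the statement ran and was committed (the number of
   *         rows it matched is not checked); false if the authorization
   *         has no user or the update failed
   */
  public static boolean updateAuthorization(Authorization authorization) {
    boolean success = false;

    if (authorization.getUser() == null) {
      log.error("Cannot update an authorization that has no user");
      return success;
    }
    verifyPeople(authorization);

    Connection conn = null;
    PreparedStatement ps = null;
    String qs = UPDATE_AUTHORIZATION;
    try {
      conn = openConnection();
      ps = conn.prepareStatement(qs);
      bindAuthorization(ps, authorization);
      ps.setInt(11, authorization.getId());
      ps.execute();
      conn.commit();
      success = true;
    } catch (SQLException e) {
      logFailure(qs, e);
    } finally {
      release(null, ps, conn);
    }

    return success;
  }

  /**
   * <p>Checks to see if user is on file, and if not, adds it.</p>
   *
   * <p>The check and the insert are separate transactions; a concurrent
   * insert of the same id surfaces as a logged SQL error from
   * {@link #insertPerson(Person)}.</p>
   *
   * @param user the user to verify
   */
  public static void verifyPerson(Person user) {
    if (getUser(user.getId()) == null) {
      insertPerson(user);
    }
  }

  /**
   * <p>Handles a get request for a single Person.</p>
   *
   * @param id the id of the requested record
   * @return the requested Person, or <code>null</code> if there is no such
   *         record or the query failed
   */
  public static Person getUser(String id) {
    Person user = null;

    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet rs = null;
    String qs = "select * from user where id=?";
    try {
      conn = openConnection();
      ps = conn.prepareStatement(qs);
      // bound, not concatenated: the id comes from the caller
      ps.setString(1, id);
      rs = ps.executeQuery();
      if (rs.next()) {
        Person found = new Person();
        found.setId(toLowerCase(rs.getString("id")));
        found.setName(rs.getString("name"));
        found.setUri(rs.getString("uri"));
        user = found;
      }
    } catch (SQLException e) {
      logFailure(qs, e);
    } finally {
      release(rs, ps, conn);
    }

    return user;
  }

  /**
   * <p>Inserts a new Person into the database.</p>
   *
   * @param user the Person to add
   * @return true if the insert was successful
   */
  public static boolean insertPerson(Person user) {
    boolean success = false;

    Connection conn = null;
    PreparedStatement ps = null;
    String qs = "insert into user (id, name, uri) values(?, ?, ?)";
    try {
      conn = openConnection();
      ps = conn.prepareStatement(qs);
      ps.setString(1, toLowerCase(user.getId()));
      ps.setString(2, user.getName());
      ps.setString(3, user.getUri());
      ps.execute();
      conn.commit();
      success = true;
    } catch (SQLException e) {
      logFailure(qs, e);
    } finally {
      release(null, ps, conn);
    }

    return success;
  }

  /**
   * <p>Runs an Authorization select and maps its rows.</p>
   *
   * <p>A row is added to the result only after it has been read completely,
   * so a failure part-way through a row never yields a half-populated
   * Authorization.</p>
   *
   * @param sql the statement text, with one <code>?</code> per parameter
   * @param params the values to bind, in order
   * @param firstRowOnly true to stop after the first row
   * @return the mapped rows; empty if nothing matched or the query failed
   */
  private static List fetchAuthorizations(String sql, Object[] params,
      boolean firstRowOnly) {
    List found = new ArrayList();

    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet rs = null;
    try {
      conn = openConnection();
      ps = conn.prepareStatement(sql);
      for (int i = 0; i < params.length; i++) {
        ps.setObject(i + 1, params[i]);
      }
      rs = ps.executeQuery();
      while (rs.next()) {
        found.add(readAuthorization(rs));
        if (firstRowOnly) {
          break;
        }
      }
    } catch (SQLException e) {
      logFailure(sql, e);
    } finally {
      release(rs, ps, conn);
    }

    return found;
  }

  /**
   * <p>Builds the select for active authorizations that match the given
   * ids, adding one placeholder and one entry in <code>params</code> for
   * every filter that applies.</p>
   *
   * @param ids the filter values, keyed by the entries of FILTER_KEYS
   * @param trimValues true to trim each value before it is tested and bound
   * @param params receives the values to bind, in placeholder order
   * @return the statement text
   */
  private static String buildFilteredSelect(Map ids, boolean trimValues,
      List params) {
    StringBuffer sql = new StringBuffer(SELECT_AUTHORIZATION);
    sql.append("    a.active = 1");
    for (int i = 0; i < FILTER_KEYS.length; i++) {
      String value = (String) ids.get(FILTER_KEYS[i]);
      if (value != null && trimValues) {
        value = value.trim();
      }
      // missing, empty and "*" all mean "do not filter on this column"
      if (value == null || value.length() == 0 || value.equals("*")) {
        continue;
      }
      sql.append(" and\n");
      sql.append("    a.").append(FILTER_KEYS[i]).append(" = ?");
      params.add(value);
    }
    return sql.toString();
  }

  /**
   * <p>Maps the current row of an Authorization select.</p>
   *
   * @param rs a result set positioned on the row to read
   * @return the Authorization held by that row
   * @throws SQLException if a column cannot be read
   */
  private static Authorization readAuthorization(ResultSet rs)
      throws SQLException {
    Authorization authorization = new Authorization();
    authorization.setId(rs.getInt("id"));
    authorization.setActive(rs.getInt("active") == 1);
    authorization.setContext(rs.getString("context"));
    authorization.setQualifier(rs.getString("qualifier"));
    authorization.setObject(rs.getString("object"));
    authorization.setMethod(rs.getString("method"));

    Timestamp activated = rs.getTimestamp("activationDate");
    if (activated != null) {
      authorization.setActivationDate(new Date(activated.getTime()));
    }
    Timestamp deactivated = rs.getTimestamp("deactivationDate");
    if (deactivated != null) {
      authorization.setDeactivationDate(new Date(deactivated.getTime()));
    }

    Person user = new Person();
    user.setId(toLowerCase(rs.getString("userId")));
    user.setName(rs.getString("userName"));
    user.setUri(rs.getString("userUri"));
    authorization.setUser(user);

    Person activatedBy = readActor(rs, "activatedBy");
    if (activatedBy != null) {
      authorization.setActivatedBy(activatedBy);
    }
    Person deactivatedBy = readActor(rs, "deactivatedBy");
    if (deactivatedBy != null) {
      authorization.setDeactivatedBy(deactivatedBy);
    }
    return authorization;
  }

  /**
   * <p>Reads the person who activated or deactivated an authorization.</p>
   *
   * @param rs a result set positioned on the row to read
   * @param idColumn <code>activatedBy</code> or <code>deactivatedBy</code>;
   *        the name and uri are read from the columns with the suffixes
   *        <code>Name</code> and <code>Uri</code>
   * @return the Person, or <code>null</code> if the id column is blank
   * @throws SQLException if a column cannot be read
   */
  private static Person readActor(ResultSet rs, String idColumn)
      throws SQLException {
    String id = rs.getString(idColumn);
    if (isBlank(id)) {
      return null;
    }
    Person actor = new Person();
    actor.setId(id);
    actor.setName(rs.getString(idColumn + "Name"));
    actor.setUri(rs.getString(idColumn + "Uri"));
    return actor;
  }

  /**
   * <p>Binds parameters 1 to 10 of the insert and update statements, which
   * list the same columns in the same order.</p>
   *
   * @param ps the statement to bind
   * @param authorization the values to bind; its user must not be null
   * @throws SQLException if a parameter cannot be set
   */
  private static void bindAuthorization(PreparedStatement ps,
      Authorization authorization) throws SQLException {
    ps.setInt(1, authorization.isActive() ? 1 : 0);
    ps.setString(2, authorization.getContext());
    ps.setString(3, authorization.getObject());
    ps.setString(4, authorization.getMethod());
    ps.setString(5, authorization.getQualifier());
    ps.setString(6, toLowerCase(authorization.getUser().getId()));
    ps.setTimestamp(7, toTimestamp(authorization.getActivationDate()));
    ps.setString(8, idOf(authorization.getActivatedBy()));
    ps.setTimestamp(9, toTimestamp(authorization.getDeactivationDate()));
    ps.setString(10, idOf(authorization.getDeactivatedBy()));
  }

  /**
   * <p>Makes sure every person an authorization refers to is on file.</p>
   *
   * @param authorization the authorization whose people are verified
   */
  private static void verifyPeople(Authorization authorization) {
    Person[] people = {
      authorization.getUser(),
      authorization.getActivatedBy(),
      authorization.getDeactivatedBy()
    };
    for (int i = 0; i < people.length; i++) {
      if (people[i] != null) {
        verifyPerson(people[i]);
      }
    }
  }

  /**
   * <p>Obtains a connection with auto-commit switched off.</p>
   *
   * @return an open connection
   * @throws SQLException if the <code>DataSource</code> lookup failed when
   *         the class was loaded, or no connection can be obtained
   */
  private static Connection openConnection() throws SQLException {
    if (dataSource == null) {
      // reported like any other SQL failure instead of a NullPointerException
      throw new SQLException("DataSource \"" + DATA_SOURCE_NAME +
           "\" is not available");
    }
    Connection conn = dataSource.getConnection();
    try {
      conn.setAutoCommit(false);
    } catch (SQLException e) {
      release(null, null, conn);
      throw e;
    }
    return conn;
  }

  /**
   * <p>Closes whatever is non-null, logging failures instead of throwing.</p>
   *
   * <p>The connection is rolled back before it is closed. After a
   * successful commit that does nothing; after a failure it discards the
   * partial work, so an unfinished transaction is never committed on the
   * way out.</p>
   *
   * @param rs the result set to close, or null
   * @param stmt the statement to close, or null
   * @param conn the connection to roll back and close, or null
   */
  private static void release(ResultSet rs, Statement stmt, Connection conn) {
    if (rs != null) {
      try {
        rs.close();
      } catch (SQLException sqle) {
        logSqlError(sqle);
      }
    }
    if (stmt != null) {
      try {
        stmt.close();
      } catch (SQLException sqle) {
        logSqlError(sqle);
      }
    }
    if (conn != null) {
      try {
        conn.rollback();
      } catch (SQLException sqle) {
        logSqlError(sqle);
      }
      // separate try: the connection is closed even if the rollback failed
      try {
        conn.close();
      } catch (SQLException sqle) {
        logSqlError(sqle);
      }
    }
  }

  /**
   * <p>Logs a failed statement. The text contains placeholders only, so the
   * bound values do not end up in the log.</p>
   *
   * @param sql the statement text
   * @param e the failure
   */
  private static void logFailure(String sql, SQLException e) {
    log.error("SQL: " + sql);
    logSqlError(e);
  }

  /**
   * <p>Logs an SQL exception.</p>
   *
   * @param e the exception to log
   */
  private static void logSqlError(SQLException e) {
    log.error("SQL error: " + e.toString() + "; " + e.getMessage(), e);
  }

  /**
   * @param list a list of Authorizations
   * @return the first element, or <code>null</code> if the list is empty
   */
  private static Authorization firstOrNull(List list) {
    return list.isEmpty() ? null : (Authorization) list.get(0);
  }

  /**
   * @param person a Person, or null
   * @return the person's id, or <code>null</code> if there is no person
   */
  private static String idOf(Person person) {
    return person == null ? null : person.getId();
  }

  /**
   * @param date a date, or null
   * @return the same instant as a <code>Timestamp</code>, or
   *         <code>null</code>
   */
  private static Timestamp toTimestamp(Date date) {
    return date == null ? null : new Timestamp(date.getTime());
  }

  /**
   * @param value the string to test
   * @return true if the string is null, empty or whitespace only
   */
  private static boolean isBlank(String value) {
    return value == null || "".equals(value.trim());
  }

  /**
   * <p>This method is used to convert a string to lower case.</p>
   *
   * <p>The conversion uses a fixed locale. With the platform default, the
   * same user id would be stored differently depending on where the server
   * runs (under a Turkish locale, for example, <code>I</code> does not
   * become <code>i</code>).</p>
   *
   * @param string the string to convert
   * @return the converted string, or <code>null</code> if the string is
   *         null or empty
   */
  private static String toLowerCase(String string) {
    if (string == null || string.equals("")) {
      return null;
    }
    return string.toLowerCase(java.util.Locale.ENGLISH);
  }

  /**
   * <p>This method is used to look up the <code>DataSource</code>
   * by name.</p>
   *
   * <p>It runs while the class is being initialised. A failed lookup is
   * logged and leaves the <code>DataSource</code> null rather than
   * preventing the class from loading; every later call then fails in
   * <code>openConnection()</code>.</p>
   *
   * @return the Authorization <code>DataSource</code>, or
   *         <code>null</code> if the lookup failed
   */
  private static DataSource getDataSource() {
    DataSource thisDataSource = null;
    try {
      Context ctx = new InitialContext(new Hashtable());
      thisDataSource = (DataSource) ctx.lookup(DATA_SOURCE_NAME);
    } catch (Throwable t) {
      log.error("Exception obtaining DataSource (\"" + DATA_SOURCE_NAME +
           "\"): " + t.toString(), t);
    }
    return thisDataSource;
  }
}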

The primary public methods in this module are:

Next time, we’ll take a look at extending our RestServletBase class to create an AuthorizationServlet.


http://blog.restafarian.org/2008/03/the-authorization-service-now-the-data-manager/
