Newer
Older
package it.inaf.ia2.gms.persistence;
import it.inaf.ia2.gms.model.Permission;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import java.sql.PreparedStatement;
import java.sql.Types;
import java.util.ArrayList;
import java.util.List;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Component;
@Component
public class PermissionsDAO {
private final JdbcTemplate jdbcTemplate;
@Autowired
public PermissionsDAO(DataSource dataSource) {
jdbcTemplate = new JdbcTemplate(dataSource);
}
public PermissionEntity createOrUpdatePermission(PermissionEntity userPermission) {
String sql = "INSERT INTO gms_permission(group_id, user_id, permission, group_path) VALUES(?, ?, ?, ?)\n"
+ "ON CONFLICT (group_id, user_id) DO UPDATE\n"
+ "SET permission = EXCLUDED.permission";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, userPermission.getGroupId());
ps.setString(2, userPermission.getUserId());
ps.setObject(3, userPermission.getPermission().toString(), Types.OTHER);
ps.setObject(4, userPermission.getGroupPath(), Types.OTHER);
return ps;
});
return userPermission;
}
public List<PermissionEntity> findUserPermissions(String userId) {
String sql = "SELECT group_id, permission, group_path FROM gms_permission WHERE user_id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, userId);
return ps;
}, resultSet -> {
List<PermissionEntity> permissions = new ArrayList<>();
while (resultSet.next()) {
PermissionEntity permission = new PermissionEntity();
permission.setGroupId(resultSet.getString("group_id"));
permission.setUserId(userId);
permission.setPermission(Permission.valueOf(resultSet.getString("permission")));
permission.setGroupPath(resultSet.getString("group_path"));
permissions.add(permission);
}
return permissions;
});
}
public List<PermissionEntity> findUserPermissions(String userId, String path) {
String sql = "SELECT group_id, permission, group_path FROM gms_permission WHERE user_id = ?\n"
+ "AND (group_path <@ ? OR group_path @> ?)";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, userId);
ps.setObject(2, path, Types.OTHER);
ps.setObject(3, path, Types.OTHER);
return ps;
}, resultSet -> {
List<PermissionEntity> permissions = new ArrayList<>();
while (resultSet.next()) {
PermissionEntity permission = new PermissionEntity();
permission.setGroupId(resultSet.getString("group_id"));
permission.setUserId(userId);
permission.setPermission(Permission.valueOf(resultSet.getString("permission")));
permission.setGroupPath(resultSet.getString("group_path"));
permissions.add(permission);
}
return permissions;
});
}
public Optional<PermissionEntity> findPermissionEntity(String groupId, String userId, Permission permission) {
String sql = "SELECT group_path FROM gms_permission WHERE group_id = ? AND user_id = ? AND permission = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, groupId);
ps.setString(2, userId);
ps.setObject(3, permission.toString(), Types.OTHER);
return ps;
}, resultSet -> {
if (resultSet.next()) {
PermissionEntity permissionEntity = new PermissionEntity();
permissionEntity.setGroupId(groupId);
permissionEntity.setUserId(userId);
permissionEntity.setPermission(permission);
permissionEntity.setGroupPath(resultSet.getString("group_path"));
return Optional.of(permissionEntity);
}
return Optional.empty();
});
}
public List<PermissionEntity> getGroupsPermissions(String groupId) {
String sql = "SELECT user_id, permission, group_path FROM gms_permission WHERE group_id = ?";
return jdbcTemplate.query(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, groupId);
return ps;
}, resultSet -> {
List<PermissionEntity> permissions = new ArrayList<>();
while (resultSet.next()) {
PermissionEntity permission = new PermissionEntity();
permission.setGroupId(groupId);
permission.setUserId(resultSet.getString("user_id"));
permission.setPermission(Permission.valueOf(resultSet.getString("permission")));
permission.setGroupPath(resultSet.getString("group_path"));
permissions.add(permission);
}
return permissions;
});
}
public void deletePermission(String groupId, String userId) {
String sql = "DELETE FROM gms_permission WHERE group_id = ? AND user_id = ?";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, groupId);
ps.setString(2, userId);
return ps;
});
}
public void movePermissions(String fromUserId, String toUserId) {
String sql = "UPDATE gms_permission SET user_id = ? WHERE user_id = ?";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, toUserId);
ps.setString(2, fromUserId);
return ps;
});
}
public void deleteAllGroupsPermissions(List<String> groupIds) {
String sql = "DELETE FROM gms_permission WHERE group_id IN ("
+ String.join(",", groupIds.stream().map(g -> "?").collect(Collectors.toList()))
+ ")";
jdbcTemplate.update(conn -> {
PreparedStatement ps = conn.prepareStatement(sql);
int i = 0;
for (String groupId : groupIds) {
ps.setString(++i, groupId);
}
return ps;
});
}