SEC-787: Converted SQL in BasicLookupStrategy to lower case to make it consistent with other classes.
This commit is contained in:
Luke Taylor
parent
d3a0f05de9
commit
0c28845d4e
|
|
@ -73,7 +73,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
|
|
||||||
//~ Constructors ===================================================================================================
|
//~ Constructors ===================================================================================================
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor accepting mandatory arguments
|
* Constructor accepting mandatory arguments
|
||||||
*
|
*
|
||||||
* @param dataSource to access the database
|
* @param dataSource to access the database
|
||||||
|
|
@ -97,30 +97,30 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
private static String computeRepeatingSql(String repeatingSql, int requiredRepetitions) {
|
private static String computeRepeatingSql(String repeatingSql, int requiredRepetitions) {
|
||||||
Assert.isTrue(requiredRepetitions >= 1, "Must be => 1");
|
Assert.isTrue(requiredRepetitions >= 1, "Must be => 1");
|
||||||
|
|
||||||
String startSql = "select ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY, "
|
String startSql = "select acl_object_identity.object_id_identity, "
|
||||||
+ "ACL_ENTRY.ACE_ORDER, "
|
+ "acl_entry.ace_order, "
|
||||||
+ "ACL_OBJECT_IDENTITY.ID as ACL_ID, "
|
+ "acl_object_identity.id as acl_id, "
|
||||||
+ "ACL_OBJECT_IDENTITY.PARENT_OBJECT, "
|
+ "acl_object_identity.parent_object, "
|
||||||
+ "ACL_OBJECT_IDENTITY.ENTRIES_INHERITING, "
|
+ "acl_object_identity.entries_inheriting, "
|
||||||
+ "ACL_ENTRY.ID as ACE_ID, "
|
+ "acl_entry.id as ace_id, "
|
||||||
+ "ACL_ENTRY.MASK, "
|
+ "acl_entry.mask, "
|
||||||
+ "ACL_ENTRY.GRANTING, "
|
+ "acl_entry.granting, "
|
||||||
+ "ACL_ENTRY.AUDIT_SUCCESS, "
|
+ "acl_entry.audit_success, "
|
||||||
+ "ACL_ENTRY.AUDIT_FAILURE, "
|
+ "acl_entry.audit_failure, "
|
||||||
+ "ACL_SID.PRINCIPAL as ACE_PRINCIPAL, "
|
+ "acl_sid.principal as ace_principal, "
|
||||||
+ "ACL_SID.SID as ACE_SID, "
|
+ "acl_sid.sid as ace_sid, "
|
||||||
+ "ACLI_SID.PRINCIPAL as ACL_PRINCIPAL, "
|
+ "acli_sid.principal as acl_principal, "
|
||||||
+ "ACLI_SID.SID as ACL_SID, "
|
+ "acli_sid.sid as acl_sid, "
|
||||||
+ "ACL_CLASS.CLASS "
|
+ "acl_class.class "
|
||||||
+ "from ACL_OBJECT_IDENTITY "
|
+ "from acl_object_identity "
|
||||||
+ "left join ACL_SID ACLI_SID on ACLI_SID.ID = ACL_OBJECT_IDENTITY.OWNER_SID "
|
+ "left join acl_sid acli_sid on acli_sid.id = acl_object_identity.owner_sid "
|
||||||
+ "left join ACL_CLASS on ACL_CLASS.ID = ACL_OBJECT_IDENTITY.OBJECT_ID_CLASS "
|
+ "left join acl_class on acl_class.id = acl_object_identity.object_id_class "
|
||||||
+ "left join ACL_ENTRY on ACL_OBJECT_IDENTITY.ID = ACL_ENTRY.ACL_OBJECT_IDENTITY "
|
+ "left join acl_entry on acl_object_identity.id = acl_entry.acl_object_identity "
|
||||||
+ "left join ACL_SID on ACL_ENTRY.SID = ACL_SID.ID "
|
+ "left join acl_sid on acl_entry.sid = acl_sid.id "
|
||||||
+ "where ( ";
|
+ "where ( ";
|
||||||
|
|
||||||
String endSql = ") order by ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY"
|
String endSql = ") order by acl_object_identity.object_id_identity"
|
||||||
+ " asc, ACL_ENTRY.ACE_ORDER asc";
|
+ " asc, acl_entry.ace_order asc";
|
||||||
|
|
||||||
StringBuffer sqlStringBuffer = new StringBuffer();
|
StringBuffer sqlStringBuffer = new StringBuffer();
|
||||||
sqlStringBuffer.append(startSql);
|
sqlStringBuffer.append(startSql);
|
||||||
|
|
@ -196,30 +196,30 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
*/
|
*/
|
||||||
private void convertCurrentResultIntoObject(Map acls, ResultSet rs)
|
private void convertCurrentResultIntoObject(Map acls, ResultSet rs)
|
||||||
throws SQLException {
|
throws SQLException {
|
||||||
Long id = new Long(rs.getLong("ACL_ID"));
|
Long id = new Long(rs.getLong("acl_id"));
|
||||||
|
|
||||||
// If we already have an ACL for this ID, just create the ACE
|
// If we already have an ACL for this ID, just create the ACE
|
||||||
AclImpl acl = (AclImpl) acls.get(id);
|
AclImpl acl = (AclImpl) acls.get(id);
|
||||||
|
|
||||||
if (acl == null) {
|
if (acl == null) {
|
||||||
// Make an AclImpl and pop it into the Map
|
// Make an AclImpl and pop it into the Map
|
||||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(rs.getString("CLASS"),
|
ObjectIdentity objectIdentity = new ObjectIdentityImpl(rs.getString("class"),
|
||||||
new Long(rs.getLong("OBJECT_ID_IDENTITY")));
|
new Long(rs.getLong("object_id_identity")));
|
||||||
|
|
||||||
Acl parentAcl = null;
|
Acl parentAcl = null;
|
||||||
long parentAclId = rs.getLong("PARENT_OBJECT");
|
long parentAclId = rs.getLong("parent_object");
|
||||||
|
|
||||||
if (parentAclId != 0) {
|
if (parentAclId != 0) {
|
||||||
parentAcl = new StubAclParent(new Long(parentAclId));
|
parentAcl = new StubAclParent(new Long(parentAclId));
|
||||||
}
|
}
|
||||||
|
|
||||||
boolean entriesInheriting = rs.getBoolean("ENTRIES_INHERITING");
|
boolean entriesInheriting = rs.getBoolean("entries_inheriting");
|
||||||
Sid owner;
|
Sid owner;
|
||||||
|
|
||||||
if (rs.getBoolean("ACL_PRINCIPAL")) {
|
if (rs.getBoolean("acl_principal")) {
|
||||||
owner = new PrincipalSid(rs.getString("ACL_SID"));
|
owner = new PrincipalSid(rs.getString("acl_sid"));
|
||||||
} else {
|
} else {
|
||||||
owner = new GrantedAuthoritySid(rs.getString("ACL_SID"));
|
owner = new GrantedAuthoritySid(rs.getString("acl_sid"));
|
||||||
}
|
}
|
||||||
|
|
||||||
acl = new AclImpl(objectIdentity, id, aclAuthorizationStrategy, auditLogger, parentAcl, null,
|
acl = new AclImpl(objectIdentity, id, aclAuthorizationStrategy, auditLogger, parentAcl, null,
|
||||||
|
|
@ -229,20 +229,20 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
|
|
||||||
// Add an extra ACE to the ACL (ORDER BY maintains the ACE list order)
|
// Add an extra ACE to the ACL (ORDER BY maintains the ACE list order)
|
||||||
// It is permissable to have no ACEs in an ACL (which is detected by a null ACE_SID)
|
// It is permissable to have no ACEs in an ACL (which is detected by a null ACE_SID)
|
||||||
if (rs.getString("ACE_SID") != null) {
|
if (rs.getString("ace_sid") != null) {
|
||||||
Long aceId = new Long(rs.getLong("ACE_ID"));
|
Long aceId = new Long(rs.getLong("ace_id"));
|
||||||
Sid recipient;
|
Sid recipient;
|
||||||
|
|
||||||
if (rs.getBoolean("ACE_PRINCIPAL")) {
|
if (rs.getBoolean("ace_principal")) {
|
||||||
recipient = new PrincipalSid(rs.getString("ACE_SID"));
|
recipient = new PrincipalSid(rs.getString("ace_sid"));
|
||||||
} else {
|
} else {
|
||||||
recipient = new GrantedAuthoritySid(rs.getString("ACE_SID"));
|
recipient = new GrantedAuthoritySid(rs.getString("ace_sid"));
|
||||||
}
|
}
|
||||||
|
|
||||||
Permission permission = BasePermission.buildFromMask(rs.getInt("MASK"));
|
Permission permission = BasePermission.buildFromMask(rs.getInt("mask"));
|
||||||
boolean granting = rs.getBoolean("GRANTING");
|
boolean granting = rs.getBoolean("granting");
|
||||||
boolean auditSuccess = rs.getBoolean("AUDIT_SUCCESS");
|
boolean auditSuccess = rs.getBoolean("audit_success");
|
||||||
boolean auditFailure = rs.getBoolean("AUDIT_FAILURE");
|
boolean auditFailure = rs.getBoolean("audit_failure");
|
||||||
|
|
||||||
AccessControlEntryImpl ace = new AccessControlEntryImpl(aceId, acl, recipient, permission, granting,
|
AccessControlEntryImpl ace = new AccessControlEntryImpl(aceId, acl, recipient, permission, granting,
|
||||||
auditSuccess, auditFailure);
|
auditSuccess, auditFailure);
|
||||||
|
|
@ -283,7 +283,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
|
|
||||||
// Make the "acls" map contain all requested objectIdentities
|
// Make the "acls" map contain all requested objectIdentities
|
||||||
// (including markers to each parent in the hierarchy)
|
// (including markers to each parent in the hierarchy)
|
||||||
String sql = computeRepeatingSql("(ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY = ? and ACL_CLASS.CLASS = ?)",
|
String sql = computeRepeatingSql("(acl_object_identity.object_id_identity = ? and acl_class.class = ?)",
|
||||||
objectIdentities.length);
|
objectIdentities.length);
|
||||||
|
|
||||||
Set parentsToLookup = (Set) jdbcTemplate.query(sql,
|
Set parentsToLookup = (Set) jdbcTemplate.query(sql,
|
||||||
|
|
@ -338,7 +338,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
Assert.notNull(acls, "ACLs are required");
|
Assert.notNull(acls, "ACLs are required");
|
||||||
Assert.notEmpty(findNow, "Items to find now required");
|
Assert.notEmpty(findNow, "Items to find now required");
|
||||||
|
|
||||||
String sql = computeRepeatingSql("(ACL_OBJECT_IDENTITY.ID = ?)", findNow.size());
|
String sql = computeRepeatingSql("(acl_object_identity.id = ?)", findNow.size());
|
||||||
|
|
||||||
Set parentsToLookup = (Set) jdbcTemplate.query(sql,
|
Set parentsToLookup = (Set) jdbcTemplate.query(sql,
|
||||||
new PreparedStatementSetter() {
|
new PreparedStatementSetter() {
|
||||||
|
|
@ -473,7 +473,7 @@ public final class BasicLookupStrategy implements LookupStrategy {
|
||||||
convertCurrentResultIntoObject(acls, rs);
|
convertCurrentResultIntoObject(acls, rs);
|
||||||
|
|
||||||
// Figure out if this row means we need to lookup another parent
|
// Figure out if this row means we need to lookup another parent
|
||||||
long parentId = rs.getLong("PARENT_OBJECT");
|
long parentId = rs.getLong("parent_object");
|
||||||
|
|
||||||
if (parentId != 0) {
|
if (parentId != 0) {
|
||||||
// See if it's already in the "acls"
|
// See if it's already in the "acls"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue