SEC-43: Eliminate id column.

2025-03-09 06:50:05 +00:00 · 2005-10-21 07:32:48 +00:00 · 2005-10-21 07:32:48 +00:00 · d49198a944
commit d49198a944
parent 41202112bc
1 changed files with 20 additions and 34 deletions
--- a/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java
+++ b/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java
@ -12,7 +12,6 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-
 package net.sf.acegisecurity.acl.basic.jdbc;

 import net.sf.acegisecurity.acl.basic.AclObjectIdentity;
@ -47,12 +46,12 @@ import javax.sql.DataSource;
 * Extension of the base {@link JdbcDaoImpl}, which implements {@link
 * BasicAclExtendedDao}.
 * </p>
- * 
+ *
 * <p>
 * A default database structure is assumed. This may be overridden by setting
 * the default query strings to use.
 * </p>
- * 
+ *
 * <p>
 * This implementation works with <code>String</code> based recipients and
 * {@link net.sf.acegisecurity.acl.basic.NamedEntityObjectIdentity} only. The
@ -65,18 +64,13 @@ import javax.sql.DataSource;
 */
 public class JdbcExtendedDaoImpl extends JdbcDaoImpl
    implements BasicAclExtendedDao {
-    //~ Static fields/initializers =============================================
-
    private static final Log logger = LogFactory.getLog(JdbcExtendedDaoImpl.class);
    public static final String DEF_ACL_OBJECT_IDENTITY_DELETE_STATEMENT = "DELETE FROM acl_object_identity WHERE id = ?";
-    public static final String DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT = "INSERT INTO acl_object_identity (id, object_identity, parent_object, acl_class) VALUES (?, ?, ?, ?)";
+    public static final String DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT = "INSERT INTO acl_object_identity (object_identity, parent_object, acl_class) VALUES (?, ?, ?)";
    public static final String DEF_ACL_PERMISSION_DELETE_STATEMENT = "DELETE FROM acl_permission WHERE acl_object_identity = ? AND recipient = ?";
-    public static final String DEF_ACL_PERMISSION_INSERT_STATEMENT = "INSERT INTO acl_permission (id, acl_object_identity, recipient, mask) VALUES (?, ?, ?, ?)";
+    public static final String DEF_ACL_PERMISSION_INSERT_STATEMENT = "INSERT INTO acl_permission (acl_object_identity, recipient, mask) VALUES (?, ?, ?)";
    public static final String DEF_ACL_PERMISSION_UPDATE_STATEMENT = "UPDATE acl_permission SET mask = ? WHERE id = ?";
    public static final String DEF_LOOKUP_PERMISSION_ID_QUERY = "SELECT id FROM acl_permission WHERE acl_object_identity = ? AND recipient = ?";
-
-    //~ Instance fields ========================================================
-
    private AclObjectIdentityDelete aclObjectIdentityDelete;
    private AclObjectIdentityInsert aclObjectIdentityInsert;
    private AclPermissionDelete aclPermissionDelete;
@ -90,8 +84,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
    private String aclPermissionUpdateStatement;
    private String lookupPermissionIdQuery;

-    //~ Constructors ===========================================================
-
    public JdbcExtendedDaoImpl() {
        aclObjectIdentityDeleteStatement = DEF_ACL_OBJECT_IDENTITY_DELETE_STATEMENT;
        aclObjectIdentityInsertStatement = DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT;
@ -101,8 +93,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        lookupPermissionIdQuery = DEF_LOOKUP_PERMISSION_ID_QUERY;
    }

-    //~ Methods ================================================================
-
    public void setAclObjectIdentityDelete(
        AclObjectIdentityDelete aclObjectIdentityDelete) {
        this.aclObjectIdentityDelete = aclObjectIdentityDelete;
@ -218,8 +208,8 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl

        if (permissionId == -1) {
            throw new DataRetrievalFailureException(
-                "Could not locate existing acl_permission for aclObjectIdentity: "
-                + aclObjectIdentity + ", recipient: " + recipient.toString());
+                "Could not locate existing acl_permission for aclObjectIdentity: " +
+                aclObjectIdentity + ", recipient: " + recipient.toString());
        }

        // Change permission
@ -237,12 +227,11 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        }

        // Retrieve acl_object_identity record details
-        AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(basicAclEntry
-                .getAclObjectIdentity());
+        AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(basicAclEntry.getAclObjectIdentity());

        // Ensure there isn't an existing record for this recipient
        if (lookupPermissionId(aclDetailsHolder.getForeignKeyId(),
-                basicAclEntry.getRecipient()) != -1) {
+                    basicAclEntry.getRecipient()) != -1) {
            throw new DataIntegrityViolationException(
                "This recipient already exists for this aclObjectIdentity");
        }
@ -260,8 +249,8 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(aclObjectIdentity);

        // Retrieve all acl_permissions applying to this acl_object_identity
-        Iterator acls = aclsByObjectIdentity.execute(aclDetailsHolder
-                .getForeignKeyId()).iterator();
+        Iterator acls = aclsByObjectIdentity.execute(aclDetailsHolder.getForeignKeyId())
+                                            .iterator();

        // Delete all existing acl_permissions applying to this acl_object_identity
        while (acls.hasNext()) {
@ -305,16 +294,14 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
     */
    private void createAclObjectIdentityIfRequired(BasicAclEntry basicAclEntry)
        throws DataAccessException {
-        String aclObjectIdentityString = convertAclObjectIdentityToString(basicAclEntry
-                .getAclObjectIdentity());
+        String aclObjectIdentityString = convertAclObjectIdentityToString(basicAclEntry.getAclObjectIdentity());

        // Lookup the object's main properties from the RDBMS (guaranteed no nulls)
        List objects = objectProperties.execute(aclObjectIdentityString);

        if (objects.size() == 0) {
            if (basicAclEntry.getAclObjectParentIdentity() != null) {
-                AclDetailsHolder parentDetails = lookupAclDetailsHolder(basicAclEntry
-                        .getAclObjectParentIdentity());
+                AclDetailsHolder parentDetails = lookupAclDetailsHolder(basicAclEntry.getAclObjectParentIdentity());

                // Must create the acl_object_identity record
                aclObjectIdentityInsert.insert(aclObjectIdentityString,
@ -367,8 +354,9 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
     */
    private int lookupPermissionId(int aclObjectIdentityId, Object recipient)
        throws DataAccessException {
-        List list = lookupPermissionIdMapping.execute(new Object[] {new Integer(
-                        aclObjectIdentityId), recipient});
+        List list = lookupPermissionIdMapping.execute(new Object[] {
+                    new Integer(aclObjectIdentityId), recipient
+                });

        if (list.size() == 0) {
            return -1;
@ -377,8 +365,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        return ((Integer) list.get(0)).intValue();
    }

-    //~ Inner Classes ==========================================================
-
    protected class AclObjectIdentityDelete extends SqlUpdate {
        protected AclObjectIdentityDelete(DataSource ds) {
            super(ds, aclObjectIdentityDeleteStatement);
@ -395,7 +381,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
    protected class AclObjectIdentityInsert extends SqlUpdate {
        protected AclObjectIdentityInsert(DataSource ds) {
            super(ds, aclObjectIdentityInsertStatement);
-            declareParameter(new SqlParameter(Types.INTEGER));
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.INTEGER));
            declareParameter(new SqlParameter(Types.VARCHAR));
@ -405,7 +390,9 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        protected void insert(String objectIdentity,
            Integer parentAclObjectIdentity, String aclClass)
            throws DataAccessException {
-            Object[] objs = new Object[] {null, objectIdentity, parentAclObjectIdentity, aclClass};
+            Object[] objs = new Object[] {
+                    objectIdentity, parentAclObjectIdentity, aclClass
+                };
            super.update(objs);
        }
    }
@ -420,7 +407,7 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl

        protected void delete(Integer aclObjectIdentity, String recipient)
            throws DataAccessException {
-            super.update(new Object[] {aclObjectIdentity, recipient});
+            super.update(new Object[] { aclObjectIdentity, recipient });
        }
    }

@ -428,7 +415,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
        protected AclPermissionInsert(DataSource ds) {
            super(ds, aclPermissionInsertStatement);
            declareParameter(new SqlParameter(Types.INTEGER));
-            declareParameter(new SqlParameter(Types.INTEGER));
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.INTEGER));
            compile();
@ -436,7 +422,7 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl

        protected void insert(Integer aclObjectIdentity, String recipient,
            Integer mask) throws DataAccessException {
-            Object[] objs = new Object[] {null, aclObjectIdentity, recipient, mask};
+            Object[] objs = new Object[] { aclObjectIdentity, recipient, mask };
            super.update(objs);
        }
    }