From d49198a9443bcd5eaa6a144f2e7f79a297929ed4 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Fri, 21 Oct 2005 07:32:48 +0000
Subject: [PATCH] SEC-43: Eliminate id column.

---
 .../acl/basic/jdbc/JdbcExtendedDaoImpl.java   | 54 +++++++------------
 1 file changed, 20 insertions(+), 34 deletions(-)

diff --git a/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java b/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java
index 6edbe4fe99..ba28cc685f 100644
--- a/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java
+++ b/core/src/main/java/org/acegisecurity/acl/basic/jdbc/JdbcExtendedDaoImpl.java
@@ -12,7 +12,6 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
 package net.sf.acegisecurity.acl.basic.jdbc;
 
 import net.sf.acegisecurity.acl.basic.AclObjectIdentity;
@@ -47,12 +46,12 @@ import javax.sql.DataSource;
  * Extension of the base {@link JdbcDaoImpl}, which implements {@link
  * BasicAclExtendedDao}.
  * </p>
- * 
+ *
  * <p>
  * A default database structure is assumed. This may be overridden by setting
  * the default query strings to use.
  * </p>
- * 
+ *
  * <p>
  * This implementation works with <code>String</code> based recipients and
  * {@link net.sf.acegisecurity.acl.basic.NamedEntityObjectIdentity} only. The
@@ -65,18 +64,13 @@ import javax.sql.DataSource;
  */
 public class JdbcExtendedDaoImpl extends JdbcDaoImpl
     implements BasicAclExtendedDao {
-    //~ Static fields/initializers =============================================
-
     private static final Log logger = LogFactory.getLog(JdbcExtendedDaoImpl.class);
     public static final String DEF_ACL_OBJECT_IDENTITY_DELETE_STATEMENT = "DELETE FROM acl_object_identity WHERE id = ?";
-    public static final String DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT = "INSERT INTO acl_object_identity (id, object_identity, parent_object, acl_class) VALUES (?, ?, ?, ?)";
+    public static final String DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT = "INSERT INTO acl_object_identity (object_identity, parent_object, acl_class) VALUES (?, ?, ?)";
     public static final String DEF_ACL_PERMISSION_DELETE_STATEMENT = "DELETE FROM acl_permission WHERE acl_object_identity = ? AND recipient = ?";
-    public static final String DEF_ACL_PERMISSION_INSERT_STATEMENT = "INSERT INTO acl_permission (id, acl_object_identity, recipient, mask) VALUES (?, ?, ?, ?)";
+    public static final String DEF_ACL_PERMISSION_INSERT_STATEMENT = "INSERT INTO acl_permission (acl_object_identity, recipient, mask) VALUES (?, ?, ?)";
     public static final String DEF_ACL_PERMISSION_UPDATE_STATEMENT = "UPDATE acl_permission SET mask = ? WHERE id = ?";
     public static final String DEF_LOOKUP_PERMISSION_ID_QUERY = "SELECT id FROM acl_permission WHERE acl_object_identity = ? AND recipient = ?";
-
-    //~ Instance fields ========================================================
-
     private AclObjectIdentityDelete aclObjectIdentityDelete;
     private AclObjectIdentityInsert aclObjectIdentityInsert;
     private AclPermissionDelete aclPermissionDelete;
@@ -90,8 +84,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
     private String aclPermissionUpdateStatement;
     private String lookupPermissionIdQuery;
 
-    //~ Constructors ===========================================================
-
     public JdbcExtendedDaoImpl() {
         aclObjectIdentityDeleteStatement = DEF_ACL_OBJECT_IDENTITY_DELETE_STATEMENT;
         aclObjectIdentityInsertStatement = DEF_ACL_OBJECT_IDENTITY_INSERT_STATEMENT;
@@ -101,8 +93,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         lookupPermissionIdQuery = DEF_LOOKUP_PERMISSION_ID_QUERY;
     }
 
-    //~ Methods ================================================================
-
     public void setAclObjectIdentityDelete(
         AclObjectIdentityDelete aclObjectIdentityDelete) {
         this.aclObjectIdentityDelete = aclObjectIdentityDelete;
@@ -218,8 +208,8 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
 
         if (permissionId == -1) {
             throw new DataRetrievalFailureException(
-                "Could not locate existing acl_permission for aclObjectIdentity: "
-                + aclObjectIdentity + ", recipient: " + recipient.toString());
+                "Could not locate existing acl_permission for aclObjectIdentity: " +
+                aclObjectIdentity + ", recipient: " + recipient.toString());
         }
 
         // Change permission
@@ -237,12 +227,11 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         }
 
         // Retrieve acl_object_identity record details
-        AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(basicAclEntry
-                .getAclObjectIdentity());
+        AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(basicAclEntry.getAclObjectIdentity());
 
         // Ensure there isn't an existing record for this recipient
         if (lookupPermissionId(aclDetailsHolder.getForeignKeyId(),
-                basicAclEntry.getRecipient()) != -1) {
+                    basicAclEntry.getRecipient()) != -1) {
             throw new DataIntegrityViolationException(
                 "This recipient already exists for this aclObjectIdentity");
         }
@@ -260,8 +249,8 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         AclDetailsHolder aclDetailsHolder = lookupAclDetailsHolder(aclObjectIdentity);
 
         // Retrieve all acl_permissions applying to this acl_object_identity
-        Iterator acls = aclsByObjectIdentity.execute(aclDetailsHolder
-                .getForeignKeyId()).iterator();
+        Iterator acls = aclsByObjectIdentity.execute(aclDetailsHolder.getForeignKeyId())
+                                            .iterator();
 
         // Delete all existing acl_permissions applying to this acl_object_identity
         while (acls.hasNext()) {
@@ -305,16 +294,14 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
      */
     private void createAclObjectIdentityIfRequired(BasicAclEntry basicAclEntry)
         throws DataAccessException {
-        String aclObjectIdentityString = convertAclObjectIdentityToString(basicAclEntry
-                .getAclObjectIdentity());
+        String aclObjectIdentityString = convertAclObjectIdentityToString(basicAclEntry.getAclObjectIdentity());
 
         // Lookup the object's main properties from the RDBMS (guaranteed no nulls)
         List objects = objectProperties.execute(aclObjectIdentityString);
 
         if (objects.size() == 0) {
             if (basicAclEntry.getAclObjectParentIdentity() != null) {
-                AclDetailsHolder parentDetails = lookupAclDetailsHolder(basicAclEntry
-                        .getAclObjectParentIdentity());
+                AclDetailsHolder parentDetails = lookupAclDetailsHolder(basicAclEntry.getAclObjectParentIdentity());
 
                 // Must create the acl_object_identity record
                 aclObjectIdentityInsert.insert(aclObjectIdentityString,
@@ -367,8 +354,9 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
      */
     private int lookupPermissionId(int aclObjectIdentityId, Object recipient)
         throws DataAccessException {
-        List list = lookupPermissionIdMapping.execute(new Object[] {new Integer(
-                        aclObjectIdentityId), recipient});
+        List list = lookupPermissionIdMapping.execute(new Object[] {
+                    new Integer(aclObjectIdentityId), recipient
+                });
 
         if (list.size() == 0) {
             return -1;
@@ -377,8 +365,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         return ((Integer) list.get(0)).intValue();
     }
 
-    //~ Inner Classes ==========================================================
-
     protected class AclObjectIdentityDelete extends SqlUpdate {
         protected AclObjectIdentityDelete(DataSource ds) {
             super(ds, aclObjectIdentityDeleteStatement);
@@ -395,7 +381,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
     protected class AclObjectIdentityInsert extends SqlUpdate {
         protected AclObjectIdentityInsert(DataSource ds) {
             super(ds, aclObjectIdentityInsertStatement);
-            declareParameter(new SqlParameter(Types.INTEGER));
             declareParameter(new SqlParameter(Types.VARCHAR));
             declareParameter(new SqlParameter(Types.INTEGER));
             declareParameter(new SqlParameter(Types.VARCHAR));
@@ -405,7 +390,9 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         protected void insert(String objectIdentity,
             Integer parentAclObjectIdentity, String aclClass)
             throws DataAccessException {
-            Object[] objs = new Object[] {null, objectIdentity, parentAclObjectIdentity, aclClass};
+            Object[] objs = new Object[] {
+                    objectIdentity, parentAclObjectIdentity, aclClass
+                };
             super.update(objs);
         }
     }
@@ -420,7 +407,7 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
 
         protected void delete(Integer aclObjectIdentity, String recipient)
             throws DataAccessException {
-            super.update(new Object[] {aclObjectIdentity, recipient});
+            super.update(new Object[] { aclObjectIdentity, recipient });
         }
     }
 
@@ -428,7 +415,6 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
         protected AclPermissionInsert(DataSource ds) {
             super(ds, aclPermissionInsertStatement);
             declareParameter(new SqlParameter(Types.INTEGER));
-            declareParameter(new SqlParameter(Types.INTEGER));
             declareParameter(new SqlParameter(Types.VARCHAR));
             declareParameter(new SqlParameter(Types.INTEGER));
             compile();
@@ -436,7 +422,7 @@ public class JdbcExtendedDaoImpl extends JdbcDaoImpl
 
         protected void insert(Integer aclObjectIdentity, String recipient,
             Integer mask) throws DataAccessException {
-            Object[] objs = new Object[] {null, aclObjectIdentity, recipient, mask};
+            Object[] objs = new Object[] { aclObjectIdentity, recipient, mask };
             super.update(objs);
         }
     }