Skip to content
Snippets Groups Projects
Commit edb59b3d authored by Robert Butora's avatar Robert Butora
Browse files

auth: clean AuthPolicyDb

parent 3d7c5f69
No related branches found
No related tags found
No related merge requests found
......@@ -44,7 +44,7 @@ public class AuthPolicy
// private String dbUserName;
// private String dbPassword;
/*
public AuthPolicy(String userName, String[] userGroups)
{
this.userName = userName;
......@@ -55,7 +55,7 @@ public class AuthPolicy
LOGGER.finer("User [Groups]: " + userName + " [ " + String.join(" ", userGroups) + " ]" );
}
*/
......@@ -160,17 +160,10 @@ public class AuthPolicy
public String[] filterAuthorized(String[] pubdidArr)
{
//this.dbConnUrl = dbConnUrl;
//this.dbUserName = dbUserName;
//this.dbPassword = dbPassword;
LOGGER.finer("with String[] trace");
return filterAuthorized(new ArrayList<String>(Arrays.asList(pubdidArr)));
}
private String[] filterAuthorized(ArrayList<String> pubdidList)
{
LOGGER.fine("with List <String> trace");
ArrayList<String> pubdidList = new ArrayList<String>(Arrays.asList(pubdidArr));
switch(access)
{
case PUBLIC_ONLY :
......@@ -271,10 +264,6 @@ public class AuthPolicy
AuthPolicyDb adb;
synchronized(AuthPolicyDb.class)
{
//AuthPolicyDb.dbConnUrl = this.dbConnUrl;
//AuthPolicyDb.dbUserName = this.dbUserName;
//AuthPolicyDb.dbPassword = this.dbPassword;
adb = new AuthPolicyDb();
}
......@@ -298,7 +287,6 @@ public class AuthPolicy
private List<String> pubdidsNotAuthorized(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
{
LOGGER.fine("trace");
//LOGGER.finer("userGroups: " + String.join(" ",userGroups));
List<String> pubdidsNotAuthorizedList = new LinkedList<String>();
ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
......
......@@ -31,20 +31,8 @@ public class AuthPolicyDb
{
private static final Logger LOGGER = Logger.getLogger(AuthPolicyDb.class.getName());
private static final String DB_DRIVER = "org.postgresql.Driver";
private static final AuthZSettings settings = AuthZSettings.getInstance("authpolicy.properties");
static public AuthZSettings.DBConn dbconn = settings.dbConn;
private Connection conn;
private Statement st;
private ResultSet res;
AuthPolicyDb(){
conn = null;
st = null;
res = null;
}
private static final AuthZSettings.DBConn dbconn = settings.dbConn;
public class PubdidGroups
......@@ -59,36 +47,8 @@ public class AuthPolicyDb
}
/*
private String convertToVlkbPubdid(String obscorePubdid)
{
final String PUBDID_PREFIX = dbconn.obscorePublisher;
if(obscorePubdid.startsWith(PUBDID_PREFIX))
return obscorePubdid.substring( PUBDID_PREFIX.length() );
else
return obscorePubdid;
}
private Set<String> convertToObscorePubdids(Set<String> vlkbPubdids)
{
final String PUBDID_PREFIX = dbconn.obscorePublisher;
Set<String> obscorePubdids = new HashSet<String>();
for(String pubdid : vlkbPubdids)
{
String obscorePubdid = "\'" + PUBDID_PREFIX + pubdid + "\'";
obscorePubdids.add(obscorePubdid);
}
return obscorePubdids;
}
*/
public List<PubdidGroups> queryGroupsPrivateOnly(Set<String> uniqPubdids)
{
//Set<String> uniqObscorePubdids = convertToObscorePubdids(uniqPubdids);
Set<String> uniqObscorePubdids = uniqPubdids;
String commaSepObscorePubdids = String.join("\',\'", uniqObscorePubdids);
......@@ -97,20 +57,16 @@ public class AuthPolicyDb
String TheQuery = "SELECT obs_publisher_did,groups FROM obscore "
+ "WHERE (policy = 'PRIV') AND (obs_publisher_did IN (\'"+commaSepObscorePubdids+"\'));";
// FIXME use separate table holding _only_ private data-id's
//String TheQuery = "SELECT obs_publisher_did,groups FROM permissions "
// + "WHERE (obs_publisher_did IN (\'"+commaSepObscorePubdids+"\'));";
//LOGGER.finest(TheQuery);
LOGGER.finer("Connecting to: "+dbconn.uri()+" with optional user/pwd: "+dbconn.userName()+" / ***");
List<PubdidGroups> pubdidGroups = new LinkedList<PubdidGroups>();
try
{
res = doQuery(TheQuery);
try(Connection conn = DriverManager.getConnection(dbconn.uri(), dbconn.userName(), dbconn.password());
Statement st = conn.createStatement();
ResultSet res = st.executeQuery(TheQuery);)
{
while (res.next())
{
//String pubdid = convertToVlkbPubdid(res.getString("obs_publisher_did"));
String pubdid = res.getString("obs_publisher_did");
Array groupsArr = res.getArray("groups");
......@@ -129,31 +85,12 @@ public class AuthPolicyDb
logSqlExInfo(se);
se.printStackTrace();
}
catch (ClassNotFoundException e)
{
LOGGER.severe("DB driver "+ DB_DRIVER +" not found: " + e.getMessage());
e.printStackTrace();
}
finally
{
closeAll();
}
return pubdidGroups;
}
private void closeAll()
private void logSqlExInfo(SQLException se)
{
if(res != null ) try { res.close(); } catch(Exception e) {LOGGER.severe("DB ResultSet::close() failed");}
if(st != null ) try { st.close(); } catch(Exception e) {LOGGER.severe("DB Statement::close() failed");}
if(conn != null ) try { conn.close();} catch(Exception e) {LOGGER.severe("DB Connection::close() failed");}
}
private void logSqlExInfo(SQLException se){
/* dbconn.print_class_vars(); */
LOGGER.severe("SQLState : " + se.getSQLState());
LOGGER.severe("ErrorCode: " + se.getErrorCode());
LOGGER.severe("Message : " + se.getMessage());
......@@ -164,97 +101,5 @@ public class AuthPolicyDb
}
}
private ResultSet doQuery(String TheQuery)
throws SQLException, ClassNotFoundException
{
/* https://docs.oracle.com/javase/tutorial/jdbc/basics/connecting.html :
Any JDBC 4.0 drivers that are found in your class path are automatically loaded.
(However, you must manually load any drivers prior to JDBC 4.0 with the method
Class.forName.)
*/
// try {
// Class.forName(DB_DRIVER);
/* OR
DriverManager.registerDriver(new org.postgresql.Driver());
*/
//LOGGER.finest(getRegisteredDriverList());
// FIXME seems DriverManager expects jdbc:postgresql driver scheme, it does not support postgresql:// scheme
// additionally:
// jdbc:postgresql:// scheme does not support username:password in the URL.
// So:
// receive postgresql:// scheme with user:password and convert to jdbc:postgresql://
// by extracting userName and password from the URL-string and prepending 'jdbc:'
//
/* LOGGER.finest("DBMS URL: " + dbConnUrl);
URI dbConnUri = new URI(dbConnUrl);
String userInfoString = dbConnUri.getUserInfo();
if(userInfoString == null) throw new AssertionError("DBMS URL must contain user:password but it is: " + dbConnUrl);
String[] userInfo = userInfoString.split(":");
if(userInfo.length < 2) throw new AssertionError("DBMS URL must contain user:password but it is: " + dbConnUrl);
String userName = userInfo[0];
String password = userInfo[1];
String dbConnJdbcUrl = "jdbc:" + dbConnUrl.replace(userInfoString + "@", "");
// LOGGER.finest("DBMS URL: " + dbConnUrl);*/
// LOGGER.finest("DBMS userName: " + dbUserName);
// LOGGER.finest("DBMS password: " + dbPassword);
// conn = DriverManager.getConnection(dbConnUrl, dbUserName, dbPassword);
// st = conn.createStatement();
// } catch (Exception e){ e.printStackTrace();}
// new
LOGGER.finer("Connecting to: " + dbconn.uri() + " with optional user/pwd: " + dbconn.userName() + " / " + dbconn.password() );
Connection conn = DriverManager.getConnection(dbconn.uri(), dbconn.userName(), dbconn.password());
Statement st = conn.createStatement();
ResultSet res = st.executeQuery(TheQuery);
return res;
// new end
// return st.executeQuery(TheQuery);
}
private String getClasspathString() {
StringBuffer classpath = new StringBuffer("getClasspathString:\r\n");
ClassLoader applicationClassLoader = this.getClass().getClassLoader();
if (applicationClassLoader == null) {
applicationClassLoader = ClassLoader.getSystemClassLoader();
}
URL[] urls = ((URLClassLoader)applicationClassLoader).getURLs();
for(int i=0; i < urls.length; i++) {
classpath.append(urls[i].getFile()).append("\r\n");
}
return classpath.toString();
}
private String getRegisteredDriverList()
{
StringBuffer drvList = new StringBuffer("getRegisteredDriverList:\r\n");
for (Enumeration e = DriverManager.getDrivers();
e.hasMoreElements(); )
{
Driver d = (Driver) e.nextElement();
String driverClass = d.getClass().getName();
drvList.append(driverClass).append("\r\n");
}
return drvList.toString();
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment