Cognos自定义权限认证,不明白QueryUtil类的逻辑,不知如何修改
0
不知道如何修改QueryUtil类使其吻合把自己项目里的用户角色,我的用户角色结构只有 用户表、角色表、用户角色关联表 3张表。
请大神指导一下QueryUtil.java里面的逻辑。小生新手,自己搞定不了很头疼,对于帮助万分感激不尽!
以下附上我根据网上的Demo修改的QueryUtil.java,出现的问题是,可以用自己的用户登录Cognos Connection后,用户旁除了“注销”选项,还有一个“登录”选项。
package com.cognos.authentication.jdbc;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Locale;
import com.cognos.CAM_AAA.authentication.INamespace;
import com.cognos.CAM_AAA.authentication.IQueryOption;
import com.cognos.CAM_AAA.authentication.ISearchFilter;
import com.cognos.CAM_AAA.authentication.ISearchFilterConditionalExpression;
import com.cognos.CAM_AAA.authentication.ISearchFilterFunctionCall;
import com.cognos.CAM_AAA.authentication.ISearchFilterRelationExpression;
import com.cognos.CAM_AAA.authentication.ISortProperty;
import com.cognos.CAM_AAA.authentication.QueryResult;
import com.cognos.authentication.adapters.Account;
import com.cognos.authentication.adapters.NamespaceFolder;
import com.cognos.authentication.adapters.Role;
import com.cognos.authentication.adapters.UiClass;
import com.cognos.authentication.util.DB2JDBCManager;
public class QueryUtil {
/**
*
* @ClassName: QueryUtil
* @Description: 创建用户
* @author --
* @date 2013-5-29 下午5:32:02
* @return Account
*/
public static Account createAccount(String userID, String userName,
INamespace theNamespace) throws SQLException {
if (userID != null) {
String userSearchPath = "u:" + userID;
Account account = new Account(userSearchPath);
System.out.println("createAccount:username:" + userName);
setAccountProperties(userName, account);
return account;
}
return null;
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置用户属性-用户名称&语言环境
* @author --
* @date 2013-5-30 下午4:35:13
* @return void
*/
public static void setAccountProperties(String username, Account theAccount)
throws SQLException {
theAccount.setUserName(username);
//String locID = "2052";
//Locale locale = getLocale(locID);
theAccount.setProductLocale(Locale.SIMPLIFIED_CHINESE);
theAccount.setContentLocale(Locale.SIMPLIFIED_CHINESE);
theAccount.addName(Locale.SIMPLIFIED_CHINESE, username);
}
/**
*
* @ClassName: QueryUtil
* @Description: 取得系统语言环境
* @author --
* @date 2013-5-30 下午4:36:20
* @return Locale
*/
private static Locale getLocale(String theLocaleID) {
if (theLocaleID != null) {
switch (new Integer(theLocaleID).intValue()) {
case 1033:
return Locale.US;
case 1031:
return Locale.GERMAN;
case 1036:
return Locale.FRENCH;
case 1041:
return Locale.JAPANESE;
case 2057:
return Locale.UK;
case 1028:
return Locale.TRADITIONAL_CHINESE;
case 1042:
return Locale.KOREAN;
case 2052:
return Locale.SIMPLIFIED_CHINESE;
}
}
return Locale.ENGLISH;
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置visa用户所在的角色
* @author --
* @date 2013-5-30 下午2:54:40
* @return void
*/
public static void setRoles(Connection connection, String userid,
JDBCVisa theVisa) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
String sql = "SELECT ari.ROLEID,ari.ROLENAME FROM USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ur.USERID=?";
PreparedStatement pst = connection.prepareStatement(sql);
pst.setString(1, userid);
rst = pst.executeQuery();
while (rst.next()) {
String role_code = rst.getString("ROLEID");
String role_name = rst.getString("ROLENAME");
Role role = new Role("r:" + role_code);
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);
theVisa.addRole(role);
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: 查找子角色
* @author --
* @date 2013-5-31 上午9:26:48
* @return void
*/
public static void querySubRoles(Connection connection,
ISortProperty[] theSortProperties, Role theRole,
INamespace theNamespace) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
StringBuffer sqlStatement = new StringBuffer();
String roleID = theRole.getObjectID();
if (roleID == null) {
return;
}
roleID = roleID.substring(2);
sqlStatement
.append("SELECT ROLEID,ROLENAME, PARENTID from "
+ " (SELECT DISTINCT ROLEID,ROLENAME,"
+ " case when ROLEID='000' then null else '000' end PARENTID"
+ " FROM AWE_ROLE_INFO)table1"
+ " where PARENTID=?");
String theSortClause = new String();
if (theSortProperties != null) {
for (int i = 0; i < theSortProperties.length; i++) {
ISortProperty property = theSortProperties[i];
if (property.getPropertyName().compareTo("name") == 0) {
if (theSortClause.length() > 0) {
theSortClause += ", ";
}
theSortClause += " objectname";
if (property.getSortOrder() == ISortProperty.SortOrderAscending) {
theSortClause += " ASC";
} else {
theSortClause += " DESC";
}
}
}
if (theSortClause.length() > 0) {
sqlStatement.append(" ORDER BY ");
sqlStatement.append(theSortClause);
}
}
String sql = sqlStatement.toString();
PreparedStatement pst = connection.prepareStatement(sql);
pst.setString(1, roleID);
rst = pst.executeQuery();
while (rst.next()) {
// Create account object for the user.
String role_code = rst.getString("ROLEID");
String role_name = rst.getString("ROLENAME");
String searchPath = "r:" + role_code;
Role role = new Role(searchPath);
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);
theRole.addMember(role);
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置visa用户的祖先
* @author --
* @date 2013-5-29 下午4:18:13
* @return void
*/
public static void setAncestors(Connection connection,
ISortProperty[] theSortProperties, UiClass theUiClass,
INamespace theNamespace) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
String objectId = theUiClass.getObjectID();
if (objectId == null) {
return;
}
boolean bIsUserRole = ((objectId.substring(0, 1))
.compareTo("r") == 0);
boolean bIsUser = ((objectId.substring(0, 1)).compareTo("u") == 0);
objectId = objectId.substring(2);
if (bIsUserRole) {
// 如果是用户角色
String sql = "SELECT ROLEID ,ROLENAME FROM AWE_ROLE_INFO WHERE ROLEID='000' ";
PreparedStatement pst = connection.prepareStatement(sql);
rst = pst.executeQuery();
if (rst.next()) {
// Create account object for the user.
String tempRoleCode = rst.getString("ROLEID");
String tempRoleName = rst.getString("ROLENAME");
String searchPath = "r:" + tempRoleCode;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE, tempRoleName);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
}
} else {
if (bIsUser) {
// 如果是用户,首先找到所在的角色
String sql1 = "SELECT ari.ROLEID ,ari.ROLENAME FROM USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ur.USERID=? ";
PreparedStatement pst1 = connection
.prepareStatement(sql1);
pst1.setString(1, objectId);
ResultSet rst1 = pst1.executeQuery();
while (rst1.next()) {
String role_code = rst1.getString("ROLEID");
objectId = role_code;
String role_name = rst1.getString("ROLENAME");
String searchPath = "r:" + role_code;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
}
}
// 查找用户角色的父亲
while (true) {
//String sql = "SELECT ROLECODE,ROLENAME FROM FTZETL.FTZ_BANK WHERE ROLECODE=?";
String sql = "SELECT ROLEID,ROLENAME FROM AWE_ROLE_INFO WHERE ROLEID=?";
PreparedStatement pst = connection
.prepareStatement(sql);
pst.setString(1, objectId);
rst = pst.executeQuery();
if (rst.next()) {
// Create account object for the user.
String tempObjectId = rst.getString("ROLEID");
String tempObjectName = rst.getString("ROLENAME");
// 如果没有父亲,则停止查找
if ("000".equals(tempObjectId)) {
break;
} else {
// 如果还有父亲,继续查找
String searchPath = "r:" + tempObjectId;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE,
tempObjectName);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
objectId = "000";
}
} else {
break;
}
}
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: TODO(这里用一句话描述这个类的作用)
* @author -- 查询当前对象的成员
* @date 2013-5-30 下午5:43:14
* @return void
*/
public static void query(String theSqlCondition,
IQueryOption theQueryOption, String[] theProperties,
ISortProperty[] theSortProperties, QueryResult theResult,
INamespace theNamespace) throws SQLException {
System.out.println("query----------");
Connection connection = null;
try {
connection = DB2JDBCManager.getConnection();
if (connection != null) {
StringBuffer sqlStatement = new StringBuffer();
// 构造用户u,角色r
/* sqlStatement
.append("SELECT objectID,objectName,issqluser,issqlrole,parentid FROM"
+ " ( SELECT 'u'||BANK_ID objectid,BANK_NAME objectname,0 issqlrole,1 issqluser,"
+ " 'r'||ROLECODE parentid"
+ " FROM FTZETL.FTZ_BANK "
+ " UNION ALL"
+ " SELECT DISTINCT 'r'||ROLECODE objectid,ROLENAME objectname,1 issqlrole,0 issqluser,"
+ " case when ROLECODE='00' then null else 'r00' end parentid"
+ " FROM FTZETL.FTZ_BANK )table1 ");*/
sqlStatement
.append("SELECT objectID,objectName,issqluser,issqlrole,parentid FROM ("
+ "SELECT 'u'||ui.USERID objectid,ui.USERNAME objectname,0 issqlrole,1 issqluser,'r'||ari.ROLEID parentid "
+ "FROM USER_INFO ui,USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ui.USERID=ur.USERID "
+ "UNION ALL SELECT DISTINCT 'r'||ari.ROLEID objectid, ari.ROLENAME objectname, 1 issqlrole, 0 issqluser, "
+ "CASE WHEN ari.ROLEID='000' THEN NULL ELSE 'r000' END parentid "
+ "FROM USER_INFO ui,USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ui.USERID=ur.USERID )table1 ");
if (theSqlCondition.length() > 0) {
sqlStatement.append("WHERE ");
sqlStatement.append(theSqlCondition);
}
long maxCount = theQueryOption.getMaxCount();
long skipCount = theQueryOption.getSkipCount();
String theSortClause = new String();
if (theSortProperties != null) {
for (int i = 0; i < theSortProperties.length; i++) {
ISortProperty property = theSortProperties[i];
if (property.getPropertyName().compareTo("name") == 0) {
if (theSortClause.length() > 0) {
theSortClause += ", ";
}
theSortClause += "objectName";
if (property.getSortOrder() == ISortProperty.SortOrderAscending) {
theSortClause += " ASC";
} else {
theSortClause += " DESC";
}
}
}
if (theSortClause.length() > 0) {
sqlStatement.append("ORDER BY ");
sqlStatement.append(theSortClause);
}
}
String sql = sqlStatement.toString();
PreparedStatement pst = connection.prepareStatement(sql);
ResultSet rst = pst.executeQuery();
long curSkip = 0, curMax = 0;
while (rst.next()) {
String objectID = rst.getString("objectID").substring(1);
String objectName = rst.getString("objectName");
boolean bIsUser = ((rst.getString("issqluser"))
.compareTo("1") == 0);
boolean bIsRole = ((rst.getString("issqlrole"))
.compareTo("1") == 0);
// We need to handle paging information
if (bIsUser || bIsRole) {
if (curSkip++ < skipCount) // We need to skip skipCount
// first objects
continue;
else if (curMax >= maxCount && maxCount != -1)
// If we already have maxCount objects, we can stop
// looking
break;
else
// curMax < maxCount - we need to keep retrieving
// entries
curMax++;
} else
// If the entry is neither a user nor a role, we'll skip
// it
continue;
if (bIsUser) {
String searchPath = "u:" + objectID;
Account account = new Account(searchPath);
account.addName(Locale.SIMPLIFIED_CHINESE, objectName);
account.setUserName(objectName);
// 查找所有的父级
QueryUtil.setAncestors(connection, theSortProperties,
account, theNamespace);
theResult.addObject(account);
} else if (bIsRole) {
String searchPath = "r:" + objectID;
Role role = new Role(searchPath);
role.addName(Locale.SIMPLIFIED_CHINESE, objectName);
// 查找子角色
QueryUtil.querySubRoles(connection, theSortProperties,
role, theNamespace);
// 设置父级
QueryUtil.setAncestors(connection, theSortProperties,
role, theNamespace);
theResult.addObject(role);
}
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
e.printStackTrace();
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
} finally {
try {
if (connection != null)
connection.close();
} catch (SQLException e2) {
// System.out.println(e2);
}
}
}
public static String escapeSpecialChars(String str) {
StringBuffer escapedString = new StringBuffer(str);
for (int i = 0; i < escapedString.length();) {
char c = escapedString.charAt(i);
switch (c) {
case '\'':
escapedString.insert(i, "!'");
i += 3;
break;
case '%':
escapedString.insert(i, "!%");
i += 3;
break;
default:
i++;
break;
}
}
return escapedString.toString();
}
public static String getSqlCondition(ISearchFilter theSearchFilter) {
StringBuffer sqlCondition = new StringBuffer();
if (theSearchFilter != null) {
switch (theSearchFilter.getSearchFilterType()) {
case ISearchFilter.ConditionalExpression: {
ISearchFilterConditionalExpression item = (ISearchFilterConditionalExpression) theSearchFilter;
String operator = item.getOperator();
ISearchFilter[] filters = item.getFilters();
if (filters.length > 0) {
sqlCondition.append("( ");
sqlCondition.append(getSqlCondition(filters[0]));
for (int i = 1; i < filters.length; i++) {
sqlCondition.append(' ');
sqlCondition.append(operator);
sqlCondition.append(' ');
sqlCondition.append(getSqlCondition(filters[i]));
}
sqlCondition.append(" )");
}
}
break;
case ISearchFilter.FunctionCall: {
ISearchFilterFunctionCall item = (ISearchFilterFunctionCall) theSearchFilter;
String functionName = item.getFunctionName();
if (functionName.equals(ISearchFilterFunctionCall.Contains)) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".indexOf(value) > 0) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".indexOf(value) > 0) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.equals("@defaultName")
|| propertyName.equals("@userName")
|| propertyName.equals("@name")) {
sqlCondition.append(" objectName LIKE '%"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else if (functionName
.compareTo(ISearchFilterFunctionCall.StartsWith) == 0) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".startsWith(value)) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".startsWith(value)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.compareTo("@defaultName") == 0
|| propertyName.compareTo("@userName") == 0
|| propertyName.compareTo("@name") == 0) {
sqlCondition.append(" objectName LIKE '"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else if (functionName
.compareTo(ISearchFilterFunctionCall.EndsWith) == 0) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".endsWith(value)) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".endsWith(value)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.compareTo("@defaultName") == 0
|| propertyName.compareTo("@userName") == 0
|| propertyName.compareTo("@name") == 0) {
sqlCondition.append(" objectName LIKE '"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else {
//
// Ignore the funtion we don't understand.
//
sqlCondition.append(" 1 = 1 ");
}
}
break;
case ISearchFilter.RelationalExpression: {
ISearchFilterRelationExpression item = (ISearchFilterRelationExpression) theSearchFilter;
String propertyName = item.getPropertyName();
String constraint = item.getConstraint();
String operator = item.getOperator();
if (propertyName.equals("@objectClass")) {
if (constraint.equals("account")) {
if (operator
.equals(ISearchFilterRelationExpression.EqualTo)) {
sqlCondition.append(" issqluser = 1 ");
} else if (operator
.equals(ISearchFilterRelationExpression.NotEqual)) {
sqlCondition.append(" issqluser = 0 ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (constraint.equals("role")) {
if (operator
.equals(ISearchFilterRelationExpression.EqualTo)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else if (operator
.equals(ISearchFilterRelationExpression.NotEqual)) {
sqlCondition.append(" ( issqlrole = 0 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else {
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.equals("@defaultName")
|| propertyName.equals("@userName")
|| propertyName.equals("@name")) {
sqlCondition.append(" name " + operator + " '" + constraint
+ "'");
} else {
//
// We ignore the properties that are not supported.
//
sqlCondition.append(" 1 = 1 ");
}
}
break;
}
}
return sqlCondition.toString();
}
}
请大神指导一下QueryUtil.java里面的逻辑。小生新手,自己搞定不了很头疼,对于帮助万分感激不尽!
以下附上我根据网上的Demo修改的QueryUtil.java,出现的问题是,可以用自己的用户登录Cognos Connection后,用户旁除了“注销”选项,还有一个“登录”选项。
package com.cognos.authentication.jdbc;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Locale;
import com.cognos.CAM_AAA.authentication.INamespace;
import com.cognos.CAM_AAA.authentication.IQueryOption;
import com.cognos.CAM_AAA.authentication.ISearchFilter;
import com.cognos.CAM_AAA.authentication.ISearchFilterConditionalExpression;
import com.cognos.CAM_AAA.authentication.ISearchFilterFunctionCall;
import com.cognos.CAM_AAA.authentication.ISearchFilterRelationExpression;
import com.cognos.CAM_AAA.authentication.ISortProperty;
import com.cognos.CAM_AAA.authentication.QueryResult;
import com.cognos.authentication.adapters.Account;
import com.cognos.authentication.adapters.NamespaceFolder;
import com.cognos.authentication.adapters.Role;
import com.cognos.authentication.adapters.UiClass;
import com.cognos.authentication.util.DB2JDBCManager;
public class QueryUtil {
/**
*
* @ClassName: QueryUtil
* @Description: 创建用户
* @author --
* @date 2013-5-29 下午5:32:02
* @return Account
*/
public static Account createAccount(String userID, String userName,
INamespace theNamespace) throws SQLException {
if (userID != null) {
String userSearchPath = "u:" + userID;
Account account = new Account(userSearchPath);
System.out.println("createAccount:username:" + userName);
setAccountProperties(userName, account);
return account;
}
return null;
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置用户属性-用户名称&语言环境
* @author --
* @date 2013-5-30 下午4:35:13
* @return void
*/
public static void setAccountProperties(String username, Account theAccount)
throws SQLException {
theAccount.setUserName(username);
//String locID = "2052";
//Locale locale = getLocale(locID);
theAccount.setProductLocale(Locale.SIMPLIFIED_CHINESE);
theAccount.setContentLocale(Locale.SIMPLIFIED_CHINESE);
theAccount.addName(Locale.SIMPLIFIED_CHINESE, username);
}
/**
*
* @ClassName: QueryUtil
* @Description: 取得系统语言环境
* @author --
* @date 2013-5-30 下午4:36:20
* @return Locale
*/
private static Locale getLocale(String theLocaleID) {
if (theLocaleID != null) {
switch (new Integer(theLocaleID).intValue()) {
case 1033:
return Locale.US;
case 1031:
return Locale.GERMAN;
case 1036:
return Locale.FRENCH;
case 1041:
return Locale.JAPANESE;
case 2057:
return Locale.UK;
case 1028:
return Locale.TRADITIONAL_CHINESE;
case 1042:
return Locale.KOREAN;
case 2052:
return Locale.SIMPLIFIED_CHINESE;
}
}
return Locale.ENGLISH;
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置visa用户所在的角色
* @author --
* @date 2013-5-30 下午2:54:40
* @return void
*/
public static void setRoles(Connection connection, String userid,
JDBCVisa theVisa) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
String sql = "SELECT ari.ROLEID,ari.ROLENAME FROM USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ur.USERID=?";
PreparedStatement pst = connection.prepareStatement(sql);
pst.setString(1, userid);
rst = pst.executeQuery();
while (rst.next()) {
String role_code = rst.getString("ROLEID");
String role_name = rst.getString("ROLENAME");
Role role = new Role("r:" + role_code);
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);
theVisa.addRole(role);
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: 查找子角色
* @author --
* @date 2013-5-31 上午9:26:48
* @return void
*/
public static void querySubRoles(Connection connection,
ISortProperty[] theSortProperties, Role theRole,
INamespace theNamespace) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
StringBuffer sqlStatement = new StringBuffer();
String roleID = theRole.getObjectID();
if (roleID == null) {
return;
}
roleID = roleID.substring(2);
sqlStatement
.append("SELECT ROLEID,ROLENAME, PARENTID from "
+ " (SELECT DISTINCT ROLEID,ROLENAME,"
+ " case when ROLEID='000' then null else '000' end PARENTID"
+ " FROM AWE_ROLE_INFO)table1"
+ " where PARENTID=?");
String theSortClause = new String();
if (theSortProperties != null) {
for (int i = 0; i < theSortProperties.length; i++) {
ISortProperty property = theSortProperties[i];
if (property.getPropertyName().compareTo("name") == 0) {
if (theSortClause.length() > 0) {
theSortClause += ", ";
}
theSortClause += " objectname";
if (property.getSortOrder() == ISortProperty.SortOrderAscending) {
theSortClause += " ASC";
} else {
theSortClause += " DESC";
}
}
}
if (theSortClause.length() > 0) {
sqlStatement.append(" ORDER BY ");
sqlStatement.append(theSortClause);
}
}
String sql = sqlStatement.toString();
PreparedStatement pst = connection.prepareStatement(sql);
pst.setString(1, roleID);
rst = pst.executeQuery();
while (rst.next()) {
// Create account object for the user.
String role_code = rst.getString("ROLEID");
String role_name = rst.getString("ROLENAME");
String searchPath = "r:" + role_code;
Role role = new Role(searchPath);
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);
theRole.addMember(role);
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: 设置visa用户的祖先
* @author --
* @date 2013-5-29 下午4:18:13
* @return void
*/
public static void setAncestors(Connection connection,
ISortProperty[] theSortProperties, UiClass theUiClass,
INamespace theNamespace) throws SQLException {
try {
if (connection != null) {
ResultSet rst = null;
String objectId = theUiClass.getObjectID();
if (objectId == null) {
return;
}
boolean bIsUserRole = ((objectId.substring(0, 1))
.compareTo("r") == 0);
boolean bIsUser = ((objectId.substring(0, 1)).compareTo("u") == 0);
objectId = objectId.substring(2);
if (bIsUserRole) {
// 如果是用户角色
String sql = "SELECT ROLEID ,ROLENAME FROM AWE_ROLE_INFO WHERE ROLEID='000' ";
PreparedStatement pst = connection.prepareStatement(sql);
rst = pst.executeQuery();
if (rst.next()) {
// Create account object for the user.
String tempRoleCode = rst.getString("ROLEID");
String tempRoleName = rst.getString("ROLENAME");
String searchPath = "r:" + tempRoleCode;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE, tempRoleName);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
}
} else {
if (bIsUser) {
// 如果是用户,首先找到所在的角色
String sql1 = "SELECT ari.ROLEID ,ari.ROLENAME FROM USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ur.USERID=? ";
PreparedStatement pst1 = connection
.prepareStatement(sql1);
pst1.setString(1, objectId);
ResultSet rst1 = pst1.executeQuery();
while (rst1.next()) {
String role_code = rst1.getString("ROLEID");
objectId = role_code;
String role_name = rst1.getString("ROLENAME");
String searchPath = "r:" + role_code;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE, role_name);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
}
}
// 查找用户角色的父亲
while (true) {
//String sql = "SELECT ROLECODE,ROLENAME FROM FTZETL.FTZ_BANK WHERE ROLECODE=?";
String sql = "SELECT ROLEID,ROLENAME FROM AWE_ROLE_INFO WHERE ROLEID=?";
PreparedStatement pst = connection
.prepareStatement(sql);
pst.setString(1, objectId);
rst = pst.executeQuery();
if (rst.next()) {
// Create account object for the user.
String tempObjectId = rst.getString("ROLEID");
String tempObjectName = rst.getString("ROLENAME");
// 如果没有父亲,则停止查找
if ("000".equals(tempObjectId)) {
break;
} else {
// 如果还有父亲,继续查找
String searchPath = "r:" + tempObjectId;
Role role = new Role(searchPath);// 构建角色
role.addName(Locale.SIMPLIFIED_CHINESE,
tempObjectName);// 添加角色名称
theUiClass.addAncestors(role);// 添加上代角色
objectId = "000";
}
} else {
break;
}
}
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
}
}
/**
*
* @ClassName: QueryUtil
* @Description: TODO(这里用一句话描述这个类的作用)
* @author -- 查询当前对象的成员
* @date 2013-5-30 下午5:43:14
* @return void
*/
public static void query(String theSqlCondition,
IQueryOption theQueryOption, String[] theProperties,
ISortProperty[] theSortProperties, QueryResult theResult,
INamespace theNamespace) throws SQLException {
System.out.println("query----------");
Connection connection = null;
try {
connection = DB2JDBCManager.getConnection();
if (connection != null) {
StringBuffer sqlStatement = new StringBuffer();
// 构造用户u,角色r
/* sqlStatement
.append("SELECT objectID,objectName,issqluser,issqlrole,parentid FROM"
+ " ( SELECT 'u'||BANK_ID objectid,BANK_NAME objectname,0 issqlrole,1 issqluser,"
+ " 'r'||ROLECODE parentid"
+ " FROM FTZETL.FTZ_BANK "
+ " UNION ALL"
+ " SELECT DISTINCT 'r'||ROLECODE objectid,ROLENAME objectname,1 issqlrole,0 issqluser,"
+ " case when ROLECODE='00' then null else 'r00' end parentid"
+ " FROM FTZETL.FTZ_BANK )table1 ");*/
sqlStatement
.append("SELECT objectID,objectName,issqluser,issqlrole,parentid FROM ("
+ "SELECT 'u'||ui.USERID objectid,ui.USERNAME objectname,0 issqlrole,1 issqluser,'r'||ari.ROLEID parentid "
+ "FROM USER_INFO ui,USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ui.USERID=ur.USERID "
+ "UNION ALL SELECT DISTINCT 'r'||ari.ROLEID objectid, ari.ROLENAME objectname, 1 issqlrole, 0 issqluser, "
+ "CASE WHEN ari.ROLEID='000' THEN NULL ELSE 'r000' END parentid "
+ "FROM USER_INFO ui,USER_ROLE ur,AWE_ROLE_INFO ari WHERE ur.ROLEID=ari.ROLEID AND ui.USERID=ur.USERID )table1 ");
if (theSqlCondition.length() > 0) {
sqlStatement.append("WHERE ");
sqlStatement.append(theSqlCondition);
}
long maxCount = theQueryOption.getMaxCount();
long skipCount = theQueryOption.getSkipCount();
String theSortClause = new String();
if (theSortProperties != null) {
for (int i = 0; i < theSortProperties.length; i++) {
ISortProperty property = theSortProperties[i];
if (property.getPropertyName().compareTo("name") == 0) {
if (theSortClause.length() > 0) {
theSortClause += ", ";
}
theSortClause += "objectName";
if (property.getSortOrder() == ISortProperty.SortOrderAscending) {
theSortClause += " ASC";
} else {
theSortClause += " DESC";
}
}
}
if (theSortClause.length() > 0) {
sqlStatement.append("ORDER BY ");
sqlStatement.append(theSortClause);
}
}
String sql = sqlStatement.toString();
PreparedStatement pst = connection.prepareStatement(sql);
ResultSet rst = pst.executeQuery();
long curSkip = 0, curMax = 0;
while (rst.next()) {
String objectID = rst.getString("objectID").substring(1);
String objectName = rst.getString("objectName");
boolean bIsUser = ((rst.getString("issqluser"))
.compareTo("1") == 0);
boolean bIsRole = ((rst.getString("issqlrole"))
.compareTo("1") == 0);
// We need to handle paging information
if (bIsUser || bIsRole) {
if (curSkip++ < skipCount) // We need to skip skipCount
// first objects
continue;
else if (curMax >= maxCount && maxCount != -1)
// If we already have maxCount objects, we can stop
// looking
break;
else
// curMax < maxCount - we need to keep retrieving
// entries
curMax++;
} else
// If the entry is neither a user nor a role, we'll skip
// it
continue;
if (bIsUser) {
String searchPath = "u:" + objectID;
Account account = new Account(searchPath);
account.addName(Locale.SIMPLIFIED_CHINESE, objectName);
account.setUserName(objectName);
// 查找所有的父级
QueryUtil.setAncestors(connection, theSortProperties,
account, theNamespace);
theResult.addObject(account);
} else if (bIsRole) {
String searchPath = "r:" + objectID;
Role role = new Role(searchPath);
role.addName(Locale.SIMPLIFIED_CHINESE, objectName);
// 查找子角色
QueryUtil.querySubRoles(connection, theSortProperties,
role, theNamespace);
// 设置父级
QueryUtil.setAncestors(connection, theSortProperties,
role, theNamespace);
theResult.addObject(role);
}
}
} else {
throw new SQLException("Connection Error",
"Database connection failure. Reason: user or password is invalid");
}
} catch (SQLException e) {
e.printStackTrace();
throw new SQLException("Connection Error",
"Database connection failure. Reason: " + e.toString());
} finally {
try {
if (connection != null)
connection.close();
} catch (SQLException e2) {
// System.out.println(e2);
}
}
}
public static String escapeSpecialChars(String str) {
StringBuffer escapedString = new StringBuffer(str);
for (int i = 0; i < escapedString.length();) {
char c = escapedString.charAt(i);
switch (c) {
case '\'':
escapedString.insert(i, "!'");
i += 3;
break;
case '%':
escapedString.insert(i, "!%");
i += 3;
break;
default:
i++;
break;
}
}
return escapedString.toString();
}
public static String getSqlCondition(ISearchFilter theSearchFilter) {
StringBuffer sqlCondition = new StringBuffer();
if (theSearchFilter != null) {
switch (theSearchFilter.getSearchFilterType()) {
case ISearchFilter.ConditionalExpression: {
ISearchFilterConditionalExpression item = (ISearchFilterConditionalExpression) theSearchFilter;
String operator = item.getOperator();
ISearchFilter[] filters = item.getFilters();
if (filters.length > 0) {
sqlCondition.append("( ");
sqlCondition.append(getSqlCondition(filters[0]));
for (int i = 1; i < filters.length; i++) {
sqlCondition.append(' ');
sqlCondition.append(operator);
sqlCondition.append(' ');
sqlCondition.append(getSqlCondition(filters[i]));
}
sqlCondition.append(" )");
}
}
break;
case ISearchFilter.FunctionCall: {
ISearchFilterFunctionCall item = (ISearchFilterFunctionCall) theSearchFilter;
String functionName = item.getFunctionName();
if (functionName.equals(ISearchFilterFunctionCall.Contains)) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".indexOf(value) > 0) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".indexOf(value) > 0) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.equals("@defaultName")
|| propertyName.equals("@userName")
|| propertyName.equals("@name")) {
sqlCondition.append(" objectName LIKE '%"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else if (functionName
.compareTo(ISearchFilterFunctionCall.StartsWith) == 0) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".startsWith(value)) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".startsWith(value)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.compareTo("@defaultName") == 0
|| propertyName.compareTo("@userName") == 0
|| propertyName.compareTo("@name") == 0) {
sqlCondition.append(" objectName LIKE '"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else if (functionName
.compareTo(ISearchFilterFunctionCall.EndsWith) == 0) {
String[] parameter = item.getParameters();
String propertyName = parameter[0];
String value = parameter[1];
if (propertyName.compareTo("@objectClass") == 0) {
if ("account".endsWith(value)) {
sqlCondition.append(" issqluser = 1 ");
} else if ("role".endsWith(value)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.compareTo("@defaultName") == 0
|| propertyName.compareTo("@userName") == 0
|| propertyName.compareTo("@name") == 0) {
sqlCondition.append(" objectName LIKE '"
+ escapeSpecialChars(value) + "%' ESCAPE '!'");
} else {
//
// We ignore the properties that are not
// supported.
//
sqlCondition.append(" 1 = 1 ");
}
} else {
//
// Ignore the funtion we don't understand.
//
sqlCondition.append(" 1 = 1 ");
}
}
break;
case ISearchFilter.RelationalExpression: {
ISearchFilterRelationExpression item = (ISearchFilterRelationExpression) theSearchFilter;
String propertyName = item.getPropertyName();
String constraint = item.getConstraint();
String operator = item.getOperator();
if (propertyName.equals("@objectClass")) {
if (constraint.equals("account")) {
if (operator
.equals(ISearchFilterRelationExpression.EqualTo)) {
sqlCondition.append(" issqluser = 1 ");
} else if (operator
.equals(ISearchFilterRelationExpression.NotEqual)) {
sqlCondition.append(" issqluser = 0 ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else if (constraint.equals("role")) {
if (operator
.equals(ISearchFilterRelationExpression.EqualTo)) {
sqlCondition.append(" ( issqlrole = 1 ) ");
} else if (operator
.equals(ISearchFilterRelationExpression.NotEqual)) {
sqlCondition.append(" ( issqlrole = 0 ) ");
} else {
//
// Make sure this is a false statement
//
sqlCondition.append(" 1 = 0 ");
}
} else {
sqlCondition.append(" 1 = 0 ");
}
} else if (propertyName.equals("@defaultName")
|| propertyName.equals("@userName")
|| propertyName.equals("@name")) {
sqlCondition.append(" name " + operator + " '" + constraint
+ "'");
} else {
//
// We ignore the properties that are not supported.
//
sqlCondition.append(" 1 = 1 ");
}
}
break;
}
}
return sqlCondition.toString();
}
}
没有找到相关结果
重要提示:提问者不能发表回复,可以通过评论与回答者沟通,沟通后可以通过编辑功能完善问题描述,以便后续其他人能够更容易理解问题.
0 个回复