mirror of
https://github.com/GravitLauncher/Launcher
synced 2025-04-01 22:14:01 +03:00
[REFACTOR] Refactor roles quering
Use 2 queries, first to query names of all user`s roles, second to recursively query all permissions. This also allows roles inheritance. All code from previous realisation, that is not used in this one, was commented, so if this realisation will be accepted, that code can be finaly removed.
This commit is contained in:
parent
b95af4e2f0
commit
4deffc9a8e
1 changed files with 48 additions and 8 deletions
|
@ -51,8 +51,9 @@ public abstract class AbstractSQLCoreProvider extends AuthCoreProvider {
|
|||
public String customQueryByUsernameSQL;
|
||||
public String customQueryByLoginSQL;
|
||||
public String customQueryPermissionsByUUIDSQL;
|
||||
public String customQueryRoleByUUIDSQL;
|
||||
public String customQueryRoleByNameSQL;
|
||||
//public String customQueryRoleByUUIDSQL;
|
||||
//public String customQueryRoleByNameSQL;
|
||||
public String customQueryRolesByUserUUID;
|
||||
public String customUpdateAuthSQL;
|
||||
public String customUpdateServerIdSQL;
|
||||
// Prepared SQL queries
|
||||
|
@ -60,8 +61,10 @@ public abstract class AbstractSQLCoreProvider extends AuthCoreProvider {
|
|||
public transient String queryByUsernameSQL;
|
||||
public transient String queryByLoginSQL;
|
||||
public transient String queryPermissionsByUUIDSQL;
|
||||
public transient String queryRoleByUUIDSQL;
|
||||
public transient String queryRoleByNameSQL;
|
||||
//public transient String queryRoleByUUIDSQL;
|
||||
//public transient String queryRoleByNameSQL;
|
||||
public transient String queryRolesByUserUUID;
|
||||
|
||||
public transient String updateAuthSQL;
|
||||
public transient String updateServerIDSQL;
|
||||
|
||||
|
@ -176,16 +179,30 @@ public void init(LaunchServer server) {
|
|||
queryByUsernameSQL = customQueryByUsernameSQL != null ? customQueryByUsernameSQL : String.format("SELECT %s FROM %s WHERE %s=? LIMIT 1",
|
||||
userInfoCols, table, usernameColumn);
|
||||
queryByLoginSQL = customQueryByLoginSQL != null ? customQueryByLoginSQL : queryByUsernameSQL;
|
||||
|
||||
/*
|
||||
queryPermissionsByUUIDSQL = customQueryPermissionsByUUIDSQL != null ? customQueryPermissionsByUUIDSQL : String.format("SELECT (%s) FROM %s WHERE %s=?",
|
||||
permissionsPermissionColumn, permissionsTable, permissionsUUIDColumn);
|
||||
*/
|
||||
|
||||
queryPermissionsByUUIDSQL = customQueryPermissionsByUUIDSQL != null ? customQueryPermissionsByUUIDSQL :
|
||||
"WITH RECURSIVE req AS (\n" +
|
||||
"SELECT p."+permissionsPermissionColumn+" FROM "+permissionsTable+" p WHERE p."+permissionsUUIDColumn+" = ?\n" +
|
||||
"UNION ALL\n" +
|
||||
"SELECT p."+permissionsPermissionColumn+" FROM "+permissionsTable+" p\n" +
|
||||
"INNER JOIN "+rolesTable+" r ON p."+permissionsUUIDColumn+" = r."+rolesUUIDColumn+"\n" +
|
||||
"INNER JOIN req ON r."+rolesUUIDColumn+"=substring(req.permission from 6) or r.name=substring(req.permission from 6)\n" +
|
||||
") SELECT * FROM req";
|
||||
|
||||
queryRolesByUserUUID = customQueryRolesByUserUUID != null ? customQueryRolesByUserUUID : String.format("SELECT r.%s FROM %s r\n" +
|
||||
"INNER JOIN %s pr ON r.%s=substring(pr.%s from 6) or r.%s=substring(pr.%s from 6)\n" +
|
||||
"WHERE pr.%s = ?",rolesNameColumn,rolesTable,permissionsTable,rolesUUIDColumn,permissionsPermissionColumn,rolesNameColumn,permissionsPermissionColumn,permissionsUUIDColumn);
|
||||
/*
|
||||
queryRoleByUUIDSQL = customQueryRoleByUUIDSQL != null ? customQueryRoleByUUIDSQL : String.format("SELECT %s, %s FROM %s WHERE %s=? LIMIT 1",
|
||||
rolesUUIDColumn, rolesNameColumn,rolesTable,rolesUUIDColumn);
|
||||
|
||||
queryRoleByNameSQL = customQueryRoleByNameSQL != null ? customQueryRoleByNameSQL : String.format("SELECT %s, %s FROM %s WHERE %s=? LIMIT 1",
|
||||
rolesUUIDColumn, rolesNameColumn,rolesTable,rolesNameColumn);
|
||||
|
||||
*/
|
||||
updateAuthSQL = customUpdateAuthSQL != null ? customUpdateAuthSQL : String.format("UPDATE %s SET %s=?, %s=NULL WHERE %s=?",
|
||||
table, accessTokenColumn, serverIDColumn, uuidColumn);
|
||||
updateServerIDSQL = customUpdateServerIdSQL != null ? customUpdateServerIdSQL : String.format("UPDATE %s SET %s=? WHERE %s=?",
|
||||
|
@ -228,9 +245,15 @@ public void close() throws IOException {
|
|||
|
||||
private SQLUser constructUser(ResultSet set) throws SQLException {
|
||||
return set.next() ? new SQLUser(UUID.fromString(set.getString(uuidColumn)), set.getString(usernameColumn),
|
||||
//set.getString(accessTokenColumn), set.getString(serverIDColumn), set.getString(passwordColumn), requestPermissions(set.getString(uuidColumn))) : null;
|
||||
set.getString(accessTokenColumn), set.getString(serverIDColumn), set.getString(passwordColumn), requestPermissions(set.getString(uuidColumn))) : null;
|
||||
}
|
||||
|
||||
public ClientPermissions requestPermissions (String uuid) throws SQLException
|
||||
{
|
||||
return new ClientPermissions(queryRolesNames(queryRolesByUserUUID,uuid),queryPermissions(queryPermissionsByUUIDSQL,uuid));
|
||||
}
|
||||
/*
|
||||
public ClientPermissions requestPermissions (String uuid) throws SQLException
|
||||
{
|
||||
try{
|
||||
|
@ -263,7 +286,7 @@ private boolean processRole(SQLRole role, ClientPermissions perms) throws SQLExc
|
|||
perms.addPerm(perm);
|
||||
return true;
|
||||
}
|
||||
|
||||
*/
|
||||
private SQLUser queryUser(String sql, String value) throws SQLException {
|
||||
try (Connection c = getSQLConfig().getConnection()) {
|
||||
PreparedStatement s = c.prepareStatement(sql);
|
||||
|
@ -292,6 +315,23 @@ private List<String> queryPermissions(String sql, String value) throws SQLExcept
|
|||
}
|
||||
}
|
||||
|
||||
private List<String> queryRolesNames(String sql, String value) throws SQLException {
|
||||
try (Connection c = getSQLConfig().getConnection()) {
|
||||
PreparedStatement s = c.prepareStatement(sql);
|
||||
s.setString(1, value);
|
||||
s.setQueryTimeout(MySQLSourceConfig.TIMEOUT);
|
||||
ResultSet set = s.executeQuery();
|
||||
List<String> perms = new ArrayList<>();
|
||||
while (set.next())
|
||||
perms.add(set.getString(rolesNameColumn));
|
||||
return perms;
|
||||
} catch (SQLException e) {
|
||||
throw new SQLException(e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
private SQLRole queryRole(String sql, String value) throws SQLException {
|
||||
try (Connection c = getSQLConfig().getConnection()) {
|
||||
PreparedStatement s = c.prepareStatement(sql);
|
||||
|
@ -315,7 +355,7 @@ private class SQLRole
|
|||
this.name = name;
|
||||
this.uuid = uuid;
|
||||
}
|
||||
}
|
||||
}*/
|
||||
|
||||
public static class SQLUser implements User {
|
||||
protected UUID uuid;
|
||||
|
|
Loading…
Reference in a new issue