Menu
▾
▴
openutils-svn
|
From: <fc...@us...> - 2008-02-19 15:33:46
|
Revision: 638
http://openutils.svn.sourceforge.net/openutils/?rev=638&view=rev
Author: fcarone
Date: 2008-02-19 07:33:39 -0800 (Tue, 19 Feb 2008)
Log Message:
-----------
Copyright updated
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 15:32:28 UTC (rev 637)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 15:33:39 UTC (rev 638)
@@ -1,5 +1,17 @@
/*
- * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ * Copyright Openmind http://www.openmindonline.it
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
package it.openutils.hibernate.security.filter;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-19 17:43:12
|
Revision: 643
http://openutils.svn.sourceforge.net/openutils/?rev=643&view=rev
Author: fcarone
Date: 2008-02-19 09:43:17 -0800 (Tue, 19 Feb 2008)
Log Message:
-----------
Use a stringbuffer during filter construction
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 17:42:20 UTC (rev 642)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 17:43:17 UTC (rev 643)
@@ -65,17 +65,17 @@
if (!beanClass.isAnnotationPresent(Entity.class))
{
- throw new IllegalArgumentException();
+ throw new IllegalArgumentException("Class " + bean + " must contain the @Entity annotation.");
}
if (!(beanClass.isAnnotationPresent(Table.class) || beanClass
.isAnnotationPresent(org.hibernate.annotations.Table.class)))
{
- throw new IllegalArgumentException();
+ throw new IllegalArgumentException("Class " + bean + " must contain the @Table annotation.");
}
Map<String, String> propertyColumnMap = new HashMap<String, String>();
- String filterDefCondition = StringUtils.EMPTY;
+ StringBuffer filterDefCondition = new StringBuffer();
String filterName = StringUtils.EMPTY;
Map<String, List<SecurityRule>> roleRuleMap = new LinkedHashMap<String, List<SecurityRule>>();
@@ -93,12 +93,12 @@
filterName += entry.getKey();
List<SecurityRule> rules = entry.getValue();
- if (!StringUtils.isEmpty(filterDefCondition))
+ if (!StringUtils.isEmpty(filterDefCondition.toString()))
{
- filterDefCondition += " OR ";
+ filterDefCondition.append(" OR ");
}
- filterDefCondition += "(";
- String subFilterCond = StringUtils.EMPTY;
+ filterDefCondition.append("(");
+ StringBuffer subFilterCond = new StringBuffer();
for (SecurityRule securityRule : rules)
{
String property = securityRule.getProperty();
@@ -108,47 +108,59 @@
// @todo: annotations may also be defined on getters/setters...
propertyColumnMap.put(property, field.getAnnotation(Column.class).name());
- if (!StringUtils.isEmpty(subFilterCond))
+ if (!StringUtils.isEmpty(subFilterCond.toString()))
{
- subFilterCond += " AND ";
+ subFilterCond.append(" AND ");
}
String modifier = null;
String startQuote = null;
String endQuote = null;
+
+ if (field.getType().isAssignableFrom(String.class))
+ {
+ startQuote = "\'";
+ endQuote = startQuote;
+ }
+ else if (field.getType().getSuperclass().isAssignableFrom(Number.class))
+ {
+ startQuote = StringUtils.EMPTY;
+ endQuote = StringUtils.EMPTY;
+ }
+
switch (securityRule.getModifier())
{
case EQUALS :
modifier = " = ";
- startQuote = "\'";
- endQuote = startQuote;
break;
case NOT :
modifier = " != ";
- startQuote = "\'";
- endQuote = startQuote;
break;
default :
- throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized");
+ throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized.");
}
- subFilterCond += field.getAnnotation(Column.class).name()
- + modifier
- + startQuote
- + securityRule.getValue()
- + endQuote;
+ subFilterCond.append(field.getAnnotation(Column.class).name());
+ subFilterCond.append(modifier);
+ if (StringUtils.isNotEmpty(startQuote))
+ {
+ subFilterCond.append(startQuote);
+ }
+ subFilterCond.append(securityRule.getValue());
+ if (StringUtils.isNotEmpty(endQuote))
+ {
+ subFilterCond.append(endQuote);
+ }
filterName += securityRule.getValue();
}
- filterDefCondition += subFilterCond;
- filterDefCondition += ")";
+ filterDefCondition.append(subFilterCond);
+ filterDefCondition.append(")");
}
// filtername is unique, but untraceable
- this.filterDefinition = new FilterDefinition(
- Integer.toString(filterName.hashCode()),
- filterDefCondition,
- new HashMap());
+ this.filterDefinition = new FilterDefinition(Integer.toString(filterName.hashCode()), filterDefCondition
+ .toString(), new HashMap());
}
/**
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-20 10:27:20
|
Revision: 655
http://openutils.svn.sourceforge.net/openutils/?rev=655&view=rev
Author: fcarone
Date: 2008-02-20 02:27:15 -0800 (Wed, 20 Feb 2008)
Log Message:
-----------
Escape SQL for filter value.
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 10:22:01 UTC (rev 654)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 10:27:15 UTC (rev 655)
@@ -30,7 +30,9 @@
import javax.persistence.Entity;
import javax.persistence.Table;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
+import org.dbunit.dataset.csv.handlers.EscapeHandler;
import org.hibernate.Filter;
import org.hibernate.HibernateException;
import org.hibernate.engine.FilterDefinition;
@@ -172,7 +174,7 @@
{
subFilterCond.append(startQuote);
}
- subFilterCond.append(securityRule.getValue());
+ subFilterCond.append(StringEscapeUtils.escapeSql(securityRule.getValue()));
if (StringUtils.isNotEmpty(endQuote))
{
subFilterCond.append(endQuote);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-20 15:26:24
|
Revision: 659
http://openutils.svn.sourceforge.net/openutils/?rev=659&view=rev
Author: fcarone
Date: 2008-02-20 07:26:27 -0800 (Wed, 20 Feb 2008)
Log Message:
-----------
isAssignableFrom leftvalue and rightvalue exchanged
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 14:09:10 UTC (rev 658)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 15:26:27 UTC (rev 659)
@@ -143,7 +143,7 @@
String startQuote = null;
String endQuote = null;
- if (field.getType().isAssignableFrom(String.class))
+ if (String.class.isAssignableFrom(field.getType()))
{
startQuote = "\'";
endQuote = startQuote;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-21 14:31:13
|
Revision: 674
http://openutils.svn.sourceforge.net/openutils/?rev=674&view=rev
Author: fcarone
Date: 2008-02-21 06:31:05 -0800 (Thu, 21 Feb 2008)
Log Message:
-----------
use FieldUtils to get the class field.
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-21 09:17:34 UTC (rev 673)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-21 14:31:05 UTC (rev 674)
@@ -30,6 +30,7 @@
import javax.persistence.Entity;
import javax.persistence.Table;
+import org.acegisecurity.util.FieldUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import org.hibernate.Filter;
@@ -131,7 +132,7 @@
String property = securityRule.getProperty();
filterName += property;
- Field field = beanClass.getDeclaredField(property);
+ Field field = FieldUtils.getField(beanClass, property);
// @todo: annotations may also be defined on getters/setters...
propertyColumnMap.put(property, field.getAnnotation(Column.class).name());
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X