1 | /*
|
---|
2 | * DerbyWrapper.java
|
---|
3 | * Copyright (C) 2008 New Zealand Digital Library, http://www.nzdl.org
|
---|
4 | *
|
---|
5 | * This program is free software; you can redistribute it and/or modify
|
---|
6 | * it under the terms of the GNU General Public License as published by
|
---|
7 | * the Free Software Foundation; either version 2 of the License, or
|
---|
8 | * (at your option) any later version.
|
---|
9 | *
|
---|
10 | * This program is distributed in the hope that it will be useful,
|
---|
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
13 | * GNU General Public License for more details.
|
---|
14 | *
|
---|
15 | * You should have received a copy of the GNU General Public License
|
---|
16 | * along with this program; if not, write to the Free Software
|
---|
17 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
---|
18 | */
|
---|
19 | package org.greenstone.gsdl3.util;
|
---|
20 |
|
---|
21 | import javax.swing.*;
|
---|
22 | import java.io.File;
|
---|
23 | import java.sql.Connection;
|
---|
24 | import java.sql.DriverManager;
|
---|
25 | import java.sql.ResultSet;
|
---|
26 | import java.sql.SQLException;
|
---|
27 | import java.sql.SQLWarning;
|
---|
28 | import java.sql.Statement;
|
---|
29 | import java.util.ArrayList;
|
---|
30 | import java.util.HashMap;
|
---|
31 | import java.util.Properties;
|
---|
32 |
|
---|
33 | public class DerbyWrapper
|
---|
34 | {
|
---|
35 | static final String PROTOCOL = "jdbc:derby:";
|
---|
36 | static final String DRIVER = "org.apache.derby.jdbc.EmbeddedDriver";
|
---|
37 | static final String USERSDB = "usersDB";
|
---|
38 | static final String USERS = "users";
|
---|
39 | static final String ROLES = "roles";
|
---|
40 | private Connection conn = null;
|
---|
41 | private Statement state = null;
|
---|
42 | private String protocol_str;
|
---|
43 |
|
---|
44 | public DerbyWrapper()
|
---|
45 | {
|
---|
46 | }
|
---|
47 |
|
---|
48 | public DerbyWrapper(String dbpath)
|
---|
49 | {
|
---|
50 | connectDatabase(dbpath, false);
|
---|
51 | }
|
---|
52 |
|
---|
53 | public void connectDatabase(String dbpath, boolean create_database)
|
---|
54 | {
|
---|
55 | try
|
---|
56 | {
|
---|
57 | Class.forName(DRIVER).newInstance();
|
---|
58 | //System.out.println("Loaded the embedded driver.");
|
---|
59 | protocol_str = PROTOCOL + dbpath;
|
---|
60 | if (create_database)
|
---|
61 | {
|
---|
62 | conn = DriverManager.getConnection(protocol_str + ";create=true");
|
---|
63 | }
|
---|
64 | else
|
---|
65 | {
|
---|
66 | conn = DriverManager.getConnection(protocol_str);
|
---|
67 | }
|
---|
68 | state = conn.createStatement();
|
---|
69 | }
|
---|
70 | catch (Throwable e)
|
---|
71 | {
|
---|
72 | System.out.println("exception thrown:");
|
---|
73 | if (e instanceof SQLException)
|
---|
74 | {
|
---|
75 | printSQLError((SQLException) e);
|
---|
76 | }
|
---|
77 | else
|
---|
78 | {
|
---|
79 | e.printStackTrace();
|
---|
80 | }
|
---|
81 | }
|
---|
82 | }
|
---|
83 |
|
---|
84 | public void closeDatabase()
|
---|
85 | {
|
---|
86 | state = null;
|
---|
87 | conn = null;
|
---|
88 | boolean gotSQLExc = false;
|
---|
89 | try
|
---|
90 | {
|
---|
91 | DriverManager.getConnection(protocol_str + ";shutdown=true");
|
---|
92 | }
|
---|
93 | catch (SQLException se)
|
---|
94 | {
|
---|
95 | gotSQLExc = true;
|
---|
96 | }
|
---|
97 | if (!gotSQLExc)
|
---|
98 | {
|
---|
99 | System.out.println("Database did not shut down normally");
|
---|
100 | }
|
---|
101 | }
|
---|
102 |
|
---|
103 | public void createDatabase()
|
---|
104 | {
|
---|
105 | try
|
---|
106 | {
|
---|
107 | conn.setAutoCommit(false);
|
---|
108 | state.execute("create table users (username varchar(40) not null, password varchar(40) not null, accountstatus varchar(10), comment varchar(100), primary key(username))");
|
---|
109 | state.execute("create table roles (username varchar(40) not null, role varchar(40) not null, primary key (username, role))");
|
---|
110 | //ystem.out.println("table users created successfully!");
|
---|
111 | state.execute("insert into " + USERS + " values ('admin', 'admin', 'true', 'change the password for this account as soon as possible')");
|
---|
112 | state.execute("insert into " + ROLES + " values ('admin', 'administrator')");
|
---|
113 | state.execute("insert into " + ROLES + " values ('admin', 'all-collections-editor')");
|
---|
114 | conn.commit();
|
---|
115 | }
|
---|
116 | catch(Exception ex)
|
---|
117 | {
|
---|
118 | ex.printStackTrace();
|
---|
119 | }
|
---|
120 | }
|
---|
121 |
|
---|
122 | public UserQueryResult listAllUser() throws SQLException
|
---|
123 | {
|
---|
124 | UserQueryResult userQueryResult = new UserQueryResult();
|
---|
125 | String sql_list_all_user = "SELECT username, password, accountstatus, comment FROM " + USERS;
|
---|
126 |
|
---|
127 | ArrayList<HashMap<String, String>> users = new ArrayList<HashMap<String,String>>();
|
---|
128 | ResultSet rs = state.executeQuery(sql_list_all_user);
|
---|
129 | while (rs.next())
|
---|
130 | {
|
---|
131 | HashMap<String, String> user = new HashMap<String, String>();
|
---|
132 | user.put("username", rs.getString("username"));
|
---|
133 | user.put("password", rs.getString("password"));
|
---|
134 | user.put("as", rs.getString("accountstatus"));
|
---|
135 | user.put("comment", rs.getString("comment"));
|
---|
136 |
|
---|
137 | users.add(user);
|
---|
138 | }
|
---|
139 |
|
---|
140 | for(HashMap<String, String> user : users)
|
---|
141 | {
|
---|
142 | ResultSet gs = state.executeQuery("SELECT role FROM roles WHERE username = '" + user.get("username") + "'");
|
---|
143 | String group = "";
|
---|
144 | while(gs.next())
|
---|
145 | {
|
---|
146 | if(!group.equals(""))
|
---|
147 | {
|
---|
148 | group += ",";
|
---|
149 | }
|
---|
150 | group += gs.getString("role");
|
---|
151 | }
|
---|
152 | userQueryResult.addUserTerm(user.get("username"), user.get("password"), group, user.get("as"), user.get("comment"));
|
---|
153 | }
|
---|
154 |
|
---|
155 | if (userQueryResult.getSize() == 0)
|
---|
156 | {
|
---|
157 | System.out.println("couldn't find any users");
|
---|
158 | return null;
|
---|
159 | }
|
---|
160 | else
|
---|
161 | {
|
---|
162 | return userQueryResult;
|
---|
163 | }
|
---|
164 | }
|
---|
165 |
|
---|
166 | public String addUser(String username, String password, String groups, String accountstatus, String comment)
|
---|
167 | {
|
---|
168 | try
|
---|
169 | {
|
---|
170 | conn.setAutoCommit(false);
|
---|
171 | String sql_insert_user = "insert into " + USERS + " values ('" + username + "', '" + password + "', '" + accountstatus + "', '" + comment + "')";
|
---|
172 | state.execute(sql_insert_user);
|
---|
173 |
|
---|
174 | String[] groupArray = groups.split(",");
|
---|
175 | for(String g : groupArray)
|
---|
176 | {
|
---|
177 | String sql_insert_group = "insert into " + ROLES + " values ('" + username + "', '" + g + "')";
|
---|
178 | state.execute(sql_insert_group);
|
---|
179 | }
|
---|
180 |
|
---|
181 | conn.commit();
|
---|
182 | }
|
---|
183 | catch (Throwable e)
|
---|
184 | {
|
---|
185 | System.out.println("exception thrown:");
|
---|
186 | if (e instanceof SQLException)
|
---|
187 | {
|
---|
188 | printSQLError((SQLException) e);
|
---|
189 | }
|
---|
190 | else
|
---|
191 | {
|
---|
192 | e.printStackTrace();
|
---|
193 | }
|
---|
194 | closeDatabase();
|
---|
195 | System.out.println("Error:" + e.getMessage());
|
---|
196 | return "Error:" + e.getMessage();
|
---|
197 | }
|
---|
198 |
|
---|
199 | return "succeed";
|
---|
200 | }
|
---|
201 |
|
---|
202 | public String deleteUser(String del_username)
|
---|
203 | {
|
---|
204 | try
|
---|
205 | {
|
---|
206 | conn.setAutoCommit(false);
|
---|
207 | String sql_delete_user = "delete from " + USERS + " where username='" + del_username + "'";
|
---|
208 | String sql_delete_groups = "delete from " + ROLES + " where username='" + del_username + "'";
|
---|
209 | state.execute(sql_delete_user);
|
---|
210 | state.execute(sql_delete_groups);
|
---|
211 | conn.commit();
|
---|
212 | }
|
---|
213 | catch (Throwable e)
|
---|
214 | {
|
---|
215 | System.out.println("exception thrown:");
|
---|
216 | if (e instanceof SQLException)
|
---|
217 | {
|
---|
218 | printSQLError((SQLException) e);
|
---|
219 | }
|
---|
220 | else
|
---|
221 | {
|
---|
222 | e.printStackTrace();
|
---|
223 | }
|
---|
224 | closeDatabase();
|
---|
225 | return "Error:" + e.getMessage();
|
---|
226 | }
|
---|
227 | return "succeed";
|
---|
228 | }
|
---|
229 |
|
---|
230 | public boolean deleteAllUser() throws SQLException
|
---|
231 | {
|
---|
232 | conn.setAutoCommit(false);
|
---|
233 | try
|
---|
234 | {
|
---|
235 | state.execute("delete from " + USERS);
|
---|
236 | state.execute("delete from " + ROLES);
|
---|
237 | conn.commit();
|
---|
238 | }
|
---|
239 | catch (Throwable e)
|
---|
240 | {
|
---|
241 | System.out.println("exception thrown:");
|
---|
242 | if (e instanceof SQLException)
|
---|
243 | {
|
---|
244 | printSQLError((SQLException) e);
|
---|
245 | }
|
---|
246 | else
|
---|
247 | {
|
---|
248 | e.printStackTrace();
|
---|
249 | }
|
---|
250 | closeDatabase();
|
---|
251 | return false;
|
---|
252 | }
|
---|
253 | return true;
|
---|
254 | }
|
---|
255 |
|
---|
256 | public UserQueryResult findUser(String username, String password) throws SQLException
|
---|
257 | {
|
---|
258 | UserQueryResult userQueryResult = new UserQueryResult();
|
---|
259 |
|
---|
260 | conn.setAutoCommit(false);
|
---|
261 | String sql_find_user = "SELECT username, password, accountstatus, comment FROM " + USERS;
|
---|
262 | String append_sql = "";
|
---|
263 |
|
---|
264 | if (username != null)
|
---|
265 | {
|
---|
266 | append_sql = " WHERE username = '" + username + "'";
|
---|
267 | }
|
---|
268 | if (password != null)
|
---|
269 | {
|
---|
270 | if (append_sql.equals(""))
|
---|
271 | {
|
---|
272 | append_sql = " WHERE password = '" + password + "'";
|
---|
273 | }
|
---|
274 | else
|
---|
275 | {
|
---|
276 | append_sql += " and password = '" + password + "'";
|
---|
277 | }
|
---|
278 | }
|
---|
279 | if (!append_sql.equals(""))
|
---|
280 | {
|
---|
281 | sql_find_user += append_sql;
|
---|
282 | }
|
---|
283 |
|
---|
284 | ArrayList<HashMap<String, String>> users = new ArrayList<HashMap<String,String>>();
|
---|
285 | ResultSet rs = state.executeQuery(sql_find_user);
|
---|
286 | while (rs.next())
|
---|
287 | {
|
---|
288 | HashMap<String, String> user = new HashMap<String, String>();
|
---|
289 | user.put("username", rs.getString("username"));
|
---|
290 | user.put("password", rs.getString("password"));
|
---|
291 | user.put("as", rs.getString("accountstatus"));
|
---|
292 | user.put("comment", rs.getString("comment"));
|
---|
293 |
|
---|
294 | users.add(user);
|
---|
295 | }
|
---|
296 | conn.commit();
|
---|
297 |
|
---|
298 | for(HashMap<String, String> user : users)
|
---|
299 | {
|
---|
300 | ResultSet gs = state.executeQuery("SELECT role FROM " + ROLES + " WHERE username = '" + user.get("username") + "'");
|
---|
301 |
|
---|
302 | String group = "";
|
---|
303 | while(gs.next())
|
---|
304 | {
|
---|
305 | if(!group.equals(""))
|
---|
306 | {
|
---|
307 | group += ",";
|
---|
308 | }
|
---|
309 | group += gs.getString("role");
|
---|
310 | }
|
---|
311 |
|
---|
312 | System.out.println("GROUP = " + group);
|
---|
313 |
|
---|
314 | userQueryResult.addUserTerm(user.get("username"), user.get("password"), group, user.get("as"), user.get("comment"));
|
---|
315 | }
|
---|
316 |
|
---|
317 | if (userQueryResult.getSize() > 0)
|
---|
318 | {
|
---|
319 | return userQueryResult;
|
---|
320 | }
|
---|
321 | else
|
---|
322 | {
|
---|
323 | System.out.println("couldn't find the user");
|
---|
324 | return null;
|
---|
325 | }
|
---|
326 | }
|
---|
327 |
|
---|
328 | public String modifyUserInfo(String username, String new_password, String groups, String accountstatus, String comment)
|
---|
329 | {
|
---|
330 | try
|
---|
331 | {
|
---|
332 | conn.setAutoCommit(false);
|
---|
333 | String sql_modify_user_info = "update " + USERS + " set ";
|
---|
334 | if (new_password != null && !new_password.equals(""))
|
---|
335 | {
|
---|
336 | sql_modify_user_info += "password='" + new_password + "'";
|
---|
337 | }
|
---|
338 |
|
---|
339 | if (accountstatus != null && comment != null)
|
---|
340 | {
|
---|
341 | sql_modify_user_info += ", accountstatus='" + accountstatus + "'" + ", comment='" + comment + "'";
|
---|
342 | }
|
---|
343 | sql_modify_user_info += " where username='" + username + "'";
|
---|
344 | System.out.println(sql_modify_user_info);
|
---|
345 | state.execute(sql_modify_user_info);
|
---|
346 |
|
---|
347 | String sql_delete_groups = "delete from " + ROLES + " where username='" + username + "'";
|
---|
348 | state.execute(sql_delete_groups);
|
---|
349 |
|
---|
350 | String[] groupsArray = groups.split(",");
|
---|
351 | for(String g : groupsArray)
|
---|
352 | {
|
---|
353 | String sql_insert_group = "insert into " + ROLES + " values ('" + username + "', '" + g + "')";
|
---|
354 | state.execute(sql_insert_group);
|
---|
355 | }
|
---|
356 |
|
---|
357 | conn.commit();
|
---|
358 | }
|
---|
359 | catch (Throwable e)
|
---|
360 | {
|
---|
361 | System.out.println("exception thrown:");
|
---|
362 | if (e instanceof SQLException)
|
---|
363 | {
|
---|
364 | printSQLError((SQLException) e);
|
---|
365 | }
|
---|
366 | else
|
---|
367 | {
|
---|
368 | e.printStackTrace();
|
---|
369 | }
|
---|
370 | closeDatabase();
|
---|
371 | return "Error:" + e.getMessage();
|
---|
372 | }
|
---|
373 | return "succeed";
|
---|
374 | }
|
---|
375 |
|
---|
376 | public void db2txt() throws SQLException
|
---|
377 | {
|
---|
378 | UserQueryResult userQueryResult = new UserQueryResult();
|
---|
379 | String sql_list_all_user = "select username, password, accountstatus, comment from " + USERS;
|
---|
380 | ResultSet rs = state.executeQuery(sql_list_all_user);
|
---|
381 |
|
---|
382 | while (rs.next())
|
---|
383 | {
|
---|
384 | String returned_username = rs.getString("username");
|
---|
385 | System.out.println("[" + returned_username + "]");
|
---|
386 | String returned_comment = rs.getString("comment");
|
---|
387 | System.out.println("<comment>" + returned_comment);
|
---|
388 | String returned_accountstatus = rs.getString("accountstatus");
|
---|
389 | System.out.println("<enabled>" + returned_accountstatus);
|
---|
390 | ResultSet groupsSet = state.executeQuery("SELECT role FROM " + ROLES + " WHERE username = '" + returned_username + "'");
|
---|
391 | String returned_groups = "";
|
---|
392 | while(groupsSet.next())
|
---|
393 | {
|
---|
394 | if(!returned_groups.equals(""))
|
---|
395 | {
|
---|
396 | returned_groups += ",";
|
---|
397 | }
|
---|
398 | returned_groups += groupsSet.getString("role");
|
---|
399 | }
|
---|
400 | System.out.println("<groups>" + returned_groups);
|
---|
401 | String returned_password = rot13(rs.getString("password"));
|
---|
402 | System.out.println("<password>" + returned_password);
|
---|
403 | System.out.println("<username>" + returned_username);
|
---|
404 | System.out.println("");
|
---|
405 | System.out.println("----------------------------------------------------------------------");
|
---|
406 | }
|
---|
407 | conn.commit();
|
---|
408 | closeDatabase();
|
---|
409 | }
|
---|
410 |
|
---|
411 | static void printSQLError(SQLException e)
|
---|
412 | {
|
---|
413 | while (e != null)
|
---|
414 | {
|
---|
415 | System.out.println(e.toString());
|
---|
416 | e = e.getNextException();
|
---|
417 | }
|
---|
418 | }
|
---|
419 |
|
---|
420 | //Simply use rot-13 to encrypt and decrypt the password
|
---|
421 | public String rot13(String password)
|
---|
422 | {
|
---|
423 | String out_password = "";
|
---|
424 | for (int i = 0; i < password.length(); i++)
|
---|
425 | {
|
---|
426 | char c = password.charAt(i);
|
---|
427 | if (c >= 'a' && c <= 'm')
|
---|
428 | c += 13;
|
---|
429 | else if (c >= 'n' && c <= 'z')
|
---|
430 | c -= 13;
|
---|
431 | else if (c >= 'A' && c <= 'M')
|
---|
432 | c += 13;
|
---|
433 | else if (c >= 'A' && c <= 'Z')
|
---|
434 | c -= 13;
|
---|
435 | out_password += c;
|
---|
436 | }
|
---|
437 | return out_password;
|
---|
438 | }
|
---|
439 | }
|
---|