Class SecUserTableWriteCallback
- java.lang.Object
-
- de.businesscode.bcdui.binding.write.WriteProcessingCallback
-
- de.businesscode.bcdui.subjectsettings.SecUserTableWriteCallback
-
public class SecUserTableWriteCallback extends WriteProcessingCallback
To enable this class, add it as WriteProcessing/Callbacks/Callback/@class to bcd_sec_user BindingSet When writing to bcd_src_user we apply special handling: 1. Real column names of password and salt are not available in the BindingSet, so we set them here (for this one Wrq instance only, the value in BindingSet itself is not touched) Defaults are 'password' and 'password_salt', can be overwritten in web.xml in shiro as realmBcdJdbc.bcdSecUserPasswordColumnName/.bcdSecUserPasswordSaltColumnName 2. Password column writing is allowed only if a) the current user has the right given in PARAM_NAME_PERMISSION, which defaults to DEFAULT_PERMISSION, empty means everybody can write, or b) the old password is also given in an wrs:M and it matches the one currently found in database 3. If BindingItem password_salt is available in the BindingSet, we want the password salted On write we take the plain text pwd, hash it with salt and store both values. We may need to add the salt column before, if it is not present in the Wrq to the header and each row 4. If password BindingItem is not in the Wrq, or password is empty or equals NO_PASSWORD_GIVEN_VALUE, we remove the column
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback
WriteProcessingCallback.ROW_TYPE
-
-
Field Summary
Fields Modifier and Type Field Description protected booleanbsHasSaltprotected java.util.List<BindingItem>columnsFullprotected java.util.List<BindingItem>columnsOfCallerprotected java.util.List<BindingItem>columnsWoPwdprotected java.util.List<java.lang.Integer>columnTypesFullprotected java.util.List<java.lang.Integer>columnTypesOfCallerprotected java.util.List<java.lang.Integer>columnTypesWoPwdprotected java.sql.Connectionconstatic java.lang.StringDEFAULT_PERMISSIONstatic java.lang.StringNO_PASSWORD_GIVEN_VALUEstatic java.lang.StringPARAM_NAME_PERMISSIONprotected BindingItempasswordBiprotected BindingItempasswordSaltBiprotected booleanpwdInOrigWrqprotected org.apache.shiro.subject.Subjectsubject-
Fields inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback
bindingSet
-
-
Constructor Summary
Constructors Constructor Description SecUserTableWriteCallback()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidendDataRow(WriteProcessingCallback.ROW_TYPE rowType, java.util.List<java.lang.String> cValues, java.util.List<java.lang.String> oValues)Salt the password and save the hashed pwd and salt into their columns We are only allowed to write the password, if we have admin rights or provide the old password and change ourselvesvoidendHeader(java.util.List<BindingItem> columns, java.util.List<java.lang.Integer> columnTypes, java.util.Collection<java.lang.String> keyColumnNames)Find out where our target columns are (pwd and salt), add salt if it is not present but password is and the BindingSet contains itprotected booleanisAllowed(WriteProcessingCallback.ROW_TYPE wrqRowType, java.util.List<java.lang.String> cValues, java.util.List<java.lang.String> oValues, int wrqPasswordColIdx)Check permissions.-
Methods inherited from class de.businesscode.bcdui.binding.write.WriteProcessingCallback
getParams, getValueBean, indexOf, initialize, setBindingSet, setParams, setValueBean
-
-
-
-
Field Detail
-
PARAM_NAME_PERMISSION
public static final java.lang.String PARAM_NAME_PERMISSION
- See Also:
- Constant Field Values
-
DEFAULT_PERMISSION
public static final java.lang.String DEFAULT_PERMISSION
- See Also:
- Constant Field Values
-
NO_PASSWORD_GIVEN_VALUE
public static final java.lang.String NO_PASSWORD_GIVEN_VALUE
- See Also:
- Constant Field Values
-
pwdInOrigWrq
protected boolean pwdInOrigWrq
-
passwordBi
protected BindingItem passwordBi
-
passwordSaltBi
protected BindingItem passwordSaltBi
-
columnsOfCaller
protected java.util.List<BindingItem> columnsOfCaller
-
columnsFull
protected java.util.List<BindingItem> columnsFull
-
columnsWoPwd
protected java.util.List<BindingItem> columnsWoPwd
-
columnTypesOfCaller
protected java.util.List<java.lang.Integer> columnTypesOfCaller
-
columnTypesFull
protected java.util.List<java.lang.Integer> columnTypesFull
-
columnTypesWoPwd
protected java.util.List<java.lang.Integer> columnTypesWoPwd
-
con
protected java.sql.Connection con
-
bsHasSalt
protected boolean bsHasSalt
-
subject
protected org.apache.shiro.subject.Subject subject
-
-
Method Detail
-
endHeader
public void endHeader(java.util.List<BindingItem> columns, java.util.List<java.lang.Integer> columnTypes, java.util.Collection<java.lang.String> keyColumnNames) throws java.lang.Exception
Find out where our target columns are (pwd and salt), add salt if it is not present but password is and the BindingSet contains it- Overrides:
endHeaderin classWriteProcessingCallback- Throws:
java.lang.Exception
-
endDataRow
public void endDataRow(WriteProcessingCallback.ROW_TYPE rowType, java.util.List<java.lang.String> cValues, java.util.List<java.lang.String> oValues) throws java.lang.Exception
Salt the password and save the hashed pwd and salt into their columns We are only allowed to write the password, if we have admin rights or provide the old password and change ourselves- Overrides:
endDataRowin classWriteProcessingCallback- Parameters:
rowType- depending on the rowtype cValues and oValues change semantics, i.e: wrs:C in wrs:I vs wrs:C in wrs:McValues- list of values of wrs:C columnsoValues- list of values of wrs:O columns- Throws:
java.lang.Exception
-
isAllowed
protected boolean isAllowed(WriteProcessingCallback.ROW_TYPE wrqRowType, java.util.List<java.lang.String> cValues, java.util.List<java.lang.String> oValues, int wrqPasswordColIdx) throws java.lang.Exception
Check permissions. Either we are user-admin or are the user itself and know the old password- Parameters:
cValues-oValues-- Returns:
- Throws:
java.lang.Exception
-
-