From 747e42860ed5cdd129e1064cd95e813fbb63ea62 Mon Sep 17 00:00:00 2001 From: Al Sutton Date: Sun, 16 Sep 2018 15:27:57 +0100 Subject: [PATCH] Move database interactions to using try with resources --- .../database/AbstractAccessRoleDAO.java | 11 +- .../engine/database/AccessControl.java | 1 - .../database/AuthenticationSourceSummary.java | 2 - .../database/DatabaseAccessManager.java | 15 +- .../engine/database/GroupAccessRoleDAO.java | 4 - .../database/GroupStoreManipulator.java | 2 - .../database/HierarchyNodeAccessRuleDAO.java | 1 - .../engine/database/HierarchyNodeDAO.java | 3 - .../database/HierarchyNodePermissionDAO.java | 1 - .../database/HistoricalPasswordDAO.java | 1 - .../engine/database/IPZoneDAO.java | 129 +------- .../IntegrationModuleConfigurationDAO.java | 1 - .../engine/database/IntegrationModuleDAO.java | 1 - .../engine/database/LocationDAO.java | 89 +---- .../engine/database/PasswordProcessor.java | 1 - .../database/PasswordRestrictionDAO.java | 192 ++--------- .../database/PasswordStoreManipulator.java | 11 +- .../database/RestrictedAccessRequestDAO.java | 176 ++-------- .../engine/database/UserAccessControlDAO.java | 305 ++---------------- .../engine/database/UserAccessRoleDAO.java | 18 +- .../database/UserIPZoneRestrictionDAO.java | 176 ++-------- .../database/schema/HierarchyTable.java | 1 - .../database/schema/PasswordsTable.java | 1 - .../engine/utils/DatabaseConnectionUtils.java | 93 ------ 24 files changed, 137 insertions(+), 1098 deletions(-) delete mode 100644 src/main/java/com/enterprisepasswordsafe/engine/utils/DatabaseConnectionUtils.java diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/AbstractAccessRoleDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/AbstractAccessRoleDAO.java index bb1b257..83312f3 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/AbstractAccessRoleDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/AbstractAccessRoleDAO.java @@ -1,7 +1,5 @@ package com.enterprisepasswordsafe.engine.database; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; - import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; @@ -36,8 +34,7 @@ public T getByIds(final String itemId, final String actorId) public Map getAllForItem(final String id) throws SQLException { - Map results = new HashMap(); - + Map results = new HashMap<>(); try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(getAllSql)) { ps.setString(1, id); try(ResultSet rs = ps.executeQuery()) { @@ -54,16 +51,12 @@ public Map getAllForItem(final String id) public void delete(final String itemId, final String actorId, final String role) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(deleteSql); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(deleteSql)) { ps.setString(1, itemId); ps.setString(2, actorId); ps.setString(3, role); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } - } } diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/AccessControl.java b/src/main/java/com/enterprisepasswordsafe/engine/database/AccessControl.java index 7d350e4..83db56e 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/AccessControl.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/AccessControl.java @@ -37,7 +37,6 @@ import com.enterprisepasswordsafe.engine.AccessControlDecryptor; import com.enterprisepasswordsafe.engine.utils.Constants; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.engine.utils.KeyUtils; import com.enterprisepasswordsafe.proguard.JavaBean; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/AuthenticationSourceSummary.java b/src/main/java/com/enterprisepasswordsafe/engine/database/AuthenticationSourceSummary.java index fe0a455..bd487b2 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/AuthenticationSourceSummary.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/AuthenticationSourceSummary.java @@ -26,8 +26,6 @@ import java.util.ArrayList; import java.util.List; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; - /** * Summary class. Holds only the source name and ID diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/DatabaseAccessManager.java b/src/main/java/com/enterprisepasswordsafe/engine/database/DatabaseAccessManager.java index 2cd680e..ef6d6fc 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/DatabaseAccessManager.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/DatabaseAccessManager.java @@ -16,23 +16,20 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.engine.configuration.JDBCConfiguration; +import com.enterprisepasswordsafe.engine.database.exceptions.DatabaseUnavailableException; +import com.enterprisepasswordsafe.engine.dbabstraction.DALFactory; +import com.enterprisepasswordsafe.engine.dbabstraction.DALInterface; + import java.security.GeneralSecurityException; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; -import java.util.ArrayList; import java.util.HashMap; -import java.util.List; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; -import com.enterprisepasswordsafe.engine.configuration.JDBCConfiguration; -import com.enterprisepasswordsafe.engine.database.exceptions.DatabaseUnavailableException; -import com.enterprisepasswordsafe.engine.dbabstraction.DALFactory; -import com.enterprisepasswordsafe.engine.dbabstraction.DALInterface; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; - /** * Class managing all the business object which may be needed to service the EPS. @@ -94,7 +91,7 @@ private void commitAndCloseConnection() { connection.commit(); } } finally { - DatabaseConnectionUtils.close(connection); + connection.close(); } } catch(Exception ex) { Logger.getAnonymousLogger().log(Level.WARNING, "Error commiting data on BOM close", ex); diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/GroupAccessRoleDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/GroupAccessRoleDAO.java index 6c28606..16fad66 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/GroupAccessRoleDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/GroupAccessRoleDAO.java @@ -17,12 +17,8 @@ package com.enterprisepasswordsafe.engine.database; import java.sql.PreparedStatement; -import java.sql.ResultSet; import java.sql.SQLException; -import java.util.HashMap; -import java.util.Map; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; public final class GroupAccessRoleDAO diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/GroupStoreManipulator.java b/src/main/java/com/enterprisepasswordsafe/engine/database/GroupStoreManipulator.java index 18fec71..76cbd99 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/GroupStoreManipulator.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/GroupStoreManipulator.java @@ -1,7 +1,5 @@ package com.enterprisepasswordsafe.engine.database; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; - import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.sql.PreparedStatement; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeAccessRuleDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeAccessRuleDAO.java index 592501a..2af1f3c 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeAccessRuleDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeAccessRuleDAO.java @@ -27,7 +27,6 @@ import java.util.TreeSet; import com.enterprisepasswordsafe.engine.database.derived.UserSummary; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; /** diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeDAO.java index 4067ef1..4ef9aba 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodeDAO.java @@ -29,12 +29,9 @@ import com.enterprisepasswordsafe.engine.database.actions.NodeObjectAction; import com.enterprisepasswordsafe.engine.database.derived.HierarchyNodeChildren; import com.enterprisepasswordsafe.engine.database.derived.HierarchyNodeSummary; -import com.enterprisepasswordsafe.engine.database.derived.UserSummary; import com.enterprisepasswordsafe.engine.users.UserClassifier; import com.enterprisepasswordsafe.engine.utils.Cache; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; -import com.enterprisepasswordsafe.proguard.JavaBean; /** * Data access object for nodes in the hierarchy. diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodePermissionDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodePermissionDAO.java index 1a494a8..505a66c 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodePermissionDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/HierarchyNodePermissionDAO.java @@ -3,7 +3,6 @@ import com.enterprisepasswordsafe.engine.database.derived.UserSummary; import com.enterprisepasswordsafe.engine.nodes.GroupNodeDefaultPermission; import com.enterprisepasswordsafe.engine.nodes.UserNodeDefaultPermission; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/HistoricalPasswordDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/HistoricalPasswordDAO.java index 5b65066..e44f971 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/HistoricalPasswordDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/HistoricalPasswordDAO.java @@ -23,7 +23,6 @@ import java.sql.ResultSet; import java.sql.SQLException; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.engine.utils.DateFormatter; import com.enterprisepasswordsafe.engine.utils.PasswordUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/IPZoneDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/IPZoneDAO.java index c9742e0..7003dd2 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/IPZoneDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/IPZoneDAO.java @@ -16,6 +16,8 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; @@ -23,70 +25,28 @@ import java.util.ArrayList; import java.util.List; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * Data access object for the IPZone objects. - */ - public class IPZoneDAO implements ExternalInterface { - /** - * Get all defined IP Zones - */ - private static final String GET_ZONES = - "SELECT ip_zone_id, name, ip_version, ip_start, ip_end " - + " FROM ip_zones " - + " ORDER BY name "; - - /** - * SQL to get an IP Zone by it's ID - */ + "SELECT ip_zone_id, name, ip_version, ip_start, ip_end FROM ip_zones ORDER BY name "; private static final String GET_ZONE_BY_ID = - "SELECT ip_zone_id, name, ip_version, ip_start, ip_end " - + " FROM ip_zones " - + " WHERE ip_zone_id = ? "; - - /** - * SQL to store the IP zone - */ + "SELECT ip_zone_id, name, ip_version, ip_start, ip_end FROM ip_zones WHERE ip_zone_id = ? "; private static final String STORE_ZONE = - "INSERT INTO ip_zones(ip_zone_id, name, ip_version, ip_start, ip_end) " - + " VALUES ( ?, ?, ?, ?, ?)"; - - /** - * SQL to update the IP Zone - */ + "INSERT INTO ip_zones(ip_zone_id, name, ip_version, ip_start, ip_end) VALUES( ?, ?, ?, ?, ?)"; private static final String UPDATE_ZONE = - "UPDATE ip_zones "+ - " SET name = ?, ip_start = ?, ip_end = ? "+ - " WHERE ip_zone_id = ?"; - - /** - * SQL to delete a zone. - */ + "UPDATE ip_zones SET name = ?, ip_start = ?, ip_end = ? WHERE ip_zone_id = ?"; private static final String DELETE_ZONE = "DELETE FROM ip_zones WHERE ip_zone_id = ?"; - /** - * Private constructor to prevent instantiation - */ - private IPZoneDAO() { super(); } - /** - * Create a new IP Zone. - */ - public IPZone create( String name, int version, String firstIp, String lastIp ) throws SQLException { IPZone newZone = new IPZone(name, version, firstIp, lastIp); @@ -94,16 +54,9 @@ public IPZone create( String name, int version, String firstIp, String lastIp ) return newZone; } - /** - * Store this zone in the database - * - * @param zone The zone to store. - */ - public void store( final IPZone zone ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(STORE_ZONE); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(STORE_ZONE)) { int idx = 1; ps.setString(idx++, zone.getId()); ps.setString(idx++, zone.getName()); @@ -111,98 +64,50 @@ public void store( final IPZone zone ) ps.setString(idx++, zone.getStartIp()); ps.setString(idx, zone.getEndIp()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Update the data stored in the database. - * - * @param zone The zone to update. - */ - public void update( final IPZone zone) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_ZONE); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_ZONE)) { int idx = 1; ps.setString(idx++, zone.getName()); ps.setString(idx++, zone.getStartIp()); ps.setString(idx++, zone.getEndIp()); ps.setString(idx, zone.getId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete this zone from the database - * - * @param zone The zone to delete - */ - public void delete( final IPZone zone ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_ZONE); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_ZONE)) { ps.setString(1, zone.getId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Get a specific zone. - * - * @param id The ID of the zone to get. - * - * @return The requested zone or null if the zone does not exist. - */ - public IPZone getById( final String id ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ZONE_BY_ID); - ResultSet rs = null; - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ZONE_BY_ID)) { ps.setString(1, id); ps.setMaxRows(1); - rs = ps.executeQuery(); - if(!rs.next()) { - return null; + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new IPZone(rs) : null; } - - return new IPZone(rs); - } finally { - DatabaseConnectionUtils.close(rs); - DatabaseConnectionUtils.close(ps); } } - /** - * Get all of the defined zones. - * - * @return The list of zones defined. - */ - public List getAll( ) throws SQLException { List zones = new ArrayList(); - - Statement stmt = BOMFactory.getCurrentConntection().createStatement(); - ResultSet rs = null; - try { - rs = stmt.executeQuery(GET_ZONES); - while( rs.next() ) { - zones.add(new IPZone(rs)); + try(Statement stmt = BOMFactory.getCurrentConntection().createStatement()) { + try(ResultSet rs = stmt.executeQuery(GET_ZONES)) { + while (rs.next()) { + zones.add(new IPZone(rs)); + } } - } finally { - DatabaseConnectionUtils.close(rs); - DatabaseConnectionUtils.close(stmt); } - return zones; } diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleConfigurationDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleConfigurationDAO.java index 179a14e..bd568cf 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleConfigurationDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleConfigurationDAO.java @@ -22,7 +22,6 @@ import java.util.HashMap; import java.util.Map; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; public final class IntegrationModuleConfigurationDAO implements ExternalInterface { diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleDAO.java index 9f99c8a..80fced8 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/IntegrationModuleDAO.java @@ -25,7 +25,6 @@ import com.enterprisepasswordsafe.engine.integration.PasswordChanger; import com.enterprisepasswordsafe.engine.integration.PasswordChangerProperty; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.proguard.ExternalInterface; /** diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/LocationDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/LocationDAO.java index f0e86fd..42a5adb 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/LocationDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/LocationDAO.java @@ -16,127 +16,62 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.engine.utils.IDGenerator; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.engine.utils.IDGenerator; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * DAO for accessing information about password locations - */ - public class LocationDAO implements ExternalInterface { - /** - * The SQL to find the id of a location by its name. - */ - private static final String GET_BY_NAME_SQL = "select id from locations where name = ?"; - /** - * The SQL to find all the location names in use - */ - private static final String GET_ALL_SQL = "select id, name from locations ORDER BY name"; - /** - * The SQL to write a new password into the database. - */ - private static final String WRITE_LOCATION_SQL = "INSERT INTO locations (id, name) VALUES (?, ?)"; - /** - * Get all of the known systems passwords have been stored for. - * - * @return a List of all the known password systems. - */ - public List getAll() throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ALL_SQL); - try { - ResultSet rs = ps.executeQuery(); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ALL_SQL)) { + try(ResultSet rs = ps.executeQuery()) { List results = new ArrayList(); while(rs.next()) { results.add(new LocationDetails(rs.getString(1), rs.getString(2))); } return results; - } finally { - DatabaseConnectionUtils.close(rs); } - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Gets the ID for a specific location - * - * @param location The location to get the ID for - * - * @return The - * - */ - private String getIdByName(final String location) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_NAME_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_NAME_SQL)) { ps.setString(1, location); - ResultSet rs = ps.executeQuery(); - try { - if(!rs.next()) { - return null; - } - return rs.getString(1); - } finally { - DatabaseConnectionUtils.close(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? rs.getString(1) : null; } - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Adds a location and returns the ID - */ - private String addLocation(final String name) throws SQLException { String id = IDGenerator.getID(); - - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(WRITE_LOCATION_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(WRITE_LOCATION_SQL)) { ps.setString(1, id); ps.setString(2, name); ps.executeUpdate(); - return id; - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Gets an ID for a location, if the location doesn't exist a new location - * is added and that ID returned. - */ - public String getId(final String location) throws SQLException { String existingId = getIdByName(location); - if(existingId != null) { - return existingId; - } - - return addLocation(location); + return existingId != null ? existingId : addLocation(location); } private static final class InstanceHolder { @@ -147,10 +82,6 @@ public static LocationDAO getInstance() { return InstanceHolder.INSTANCE; } - /** - * The details of a location - */ - public static class LocationDetails { private final String id; private final String name; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordProcessor.java b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordProcessor.java index 091b7ef..6507c8d 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordProcessor.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordProcessor.java @@ -2,7 +2,6 @@ import com.enterprisepasswordsafe.engine.database.actions.PasswordAction; import com.enterprisepasswordsafe.engine.users.UserClassifier; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import java.sql.PreparedStatement; import java.sql.ResultSet; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordRestrictionDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordRestrictionDAO.java index 4d68153..b1fff55 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordRestrictionDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordRestrictionDAO.java @@ -16,6 +16,8 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; @@ -23,108 +25,34 @@ import java.util.ArrayList; import java.util.List; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * Data access object for the user access control. - */ public class PasswordRestrictionDAO implements ExternalInterface { - /** - * The SQL statement to get the restriction for a given ID. - */ - private static final String GET_SQL = - "SELECT restriction_id, " + - " name, " + - " min_numeric, " + - " min_lower, " + - " min_upper, " + - " min_special, " + - " min_length, " + - " special, " + - " lifetime, " + - " max_length " + - " FROM password_restrictions " + - " WHERE restriction_id = ? "; - - /** - * The SQL statement to insert a restrictions. - */ + "SELECT restriction_id, name, min_numeric, min_lower, min_upper, " + + " min_special, min_length, special, lifetime, max_length " + + " FROM password_restrictions WHERE restriction_id = ? "; private static final String INSERT_SQL = - "INSERT INTO password_restrictions( " + - " restriction_id, " + - " name, "+ - " min_numeric, "+ - " min_lower, "+ - " min_upper, "+ - " min_special, "+ - " min_length, "+ - " max_length, "+ - " special, " + - " lifetime "+ - " ) VALUES ( "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ?, "+ - " ? "+ - " )"; - - /** - * The SQL statement to update a restrictions. - */ + "INSERT INTO password_restrictions( restriction_id, name, min_numeric, min_lower, min_upper, "+ + " min_special, min_length, max_length, special, lifetime ) VALUES ( "+ + " ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )"; private static final String UPDATE_SQL = - "UPDATE password_restrictions " + - " SET name = ?, "+ - " min_numeric = ?, "+ - " min_lower = ?, "+ - " min_upper = ?, "+ - " min_special = ?, "+ - " min_length = ?, "+ - " max_length = ?, "+ - " special = ?, "+ - " lifetime = ? " + + "UPDATE password_restrictions SET name = ?, min_numeric = ?, min_lower = ?, min_upper = ?, "+ + " min_special = ?, min_length = ?, max_length = ?, special = ?, lifetime = ? " + " WHERE restriction_id = ?"; - /** - * The SQL statement to summaries of all of the restrictions. - */ - private static final String GET_ALL_SUMMARIES_SQL = - " SELECT restriction_id, name " - + " FROM password_restrictions " - + " ORDER BY name"; - - /** - * SQL to delete the details of a restriction from the database - */ + "SELECT restriction_id, name FROM password_restrictions ORDER BY name"; private static final String DELETE_SQL = - "DELETE FROM password_restrictions " - + " WHERE restriction_id = ? "; - - /** - * Private constructor to prevent instantiation - */ + "DELETE FROM password_restrictions WHERE restriction_id = ? "; private PasswordRestrictionDAO() { super(); } - /** - * Create a password restriction. - */ - public PasswordRestriction create(final String name, final int minLower, final int minUpper, final int minNumeric, final int minSpecial, final int minLength, final int maxLength, final String special, @@ -132,24 +60,14 @@ public PasswordRestriction create(final String name, final int minLower, throws SQLException { PasswordRestriction newRestriction = new PasswordRestriction( name, minLower, minUpper, minNumeric, minSpecial, - minLength, maxLength, special, lifetime - ); + minLength, maxLength, special, lifetime); store(newRestriction); return newRestriction; } - /** - * Store a PasswordRestriction. - * - * @param restriction The restriction to store. - * - * @throws SQLException Thrown if there is a problem talking to the database. - */ - public void store(PasswordRestriction restriction) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL)) { int idx = 1; ps.setString( idx++, restriction.getId()); ps.setString( idx++, restriction.getName()); @@ -162,24 +80,12 @@ public void store(PasswordRestriction restriction) ps.setString( idx++, restriction.getSpecialCharacters()); ps.setInt ( idx, restriction.getLifetime()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - - /** - * Update a PasswordRestriction - * - * @param restriction The restriction to update. - * - * @throws SQLException Thrown if there is a problem talking to the database. - */ - public void update(PasswordRestriction restriction) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL)) { int idx = 1; ps.setString( idx++, restriction.getName() ); ps.setInt ( idx++, restriction.getMinNumeric() ); @@ -192,86 +98,38 @@ public void update(PasswordRestriction restriction) ps.setInt ( idx++, restriction.getLifetime() ); ps.setString( idx++, restriction.getId() ); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete a PasswordRestriction. - * - * @param id The ID of the restriction to get. - * - * @throws SQLException Thrown if there was a problem talking to the database. - */ - public void delete(final String id) throws SQLException { - PreparedStatement deleteStatement = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL); - try { + try(PreparedStatement deleteStatement = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL)) { deleteStatement.setString(1, id); deleteStatement.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(deleteStatement); } } - /** - * Gets a specific PasswordRestriction. - * - * @param restrictionId The ID of the restriction to get. - * - * @return The requested PasswordRestriction, or null if it doesn't exist. - * - * @throws SQLException Thrown if there is problem talking to the database. - */ - public PasswordRestriction getById(final String restrictionId) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_SQL); - ResultSet rs = null; - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_SQL)) { ps.setString(1, restrictionId); ps.setMaxRows(1); - - rs = ps.executeQuery(); - if (rs.next()) { - return new PasswordRestriction(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new PasswordRestriction(rs) : null; } - } finally { - DatabaseConnectionUtils.close(rs); - DatabaseConnectionUtils.close(ps); } - - return null; } - /** - * Gets a List of summaries of all the PasswordRestrictions. - * - * @return A java.util.List of restrictions - * - * @throws SQLException Thrown if there is problem talking to the database. - */ - public List getAll() throws SQLException { List restrictions = new ArrayList(); - Statement stmt = BOMFactory.getCurrentConntection().createStatement(); - ResultSet rs = null; - try { - rs = stmt.executeQuery(GET_ALL_SUMMARIES_SQL); - while(rs.next()) { - restrictions.add( - new PasswordRestriction.Summary( - rs.getString(1), - rs.getString(2) - ) - ); + try(Statement stmt = BOMFactory.getCurrentConntection().createStatement()) { + try(ResultSet rs = stmt.executeQuery(GET_ALL_SUMMARIES_SQL)) { + while (rs.next()) { + restrictions.add( + new PasswordRestriction.Summary(rs.getString(1), rs.getString(2))); + } } - } finally { - DatabaseConnectionUtils.close(rs); - DatabaseConnectionUtils.close(stmt); } return restrictions; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordStoreManipulator.java b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordStoreManipulator.java index b4867bb..484d41e 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordStoreManipulator.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/PasswordStoreManipulator.java @@ -1,6 +1,5 @@ package com.enterprisepasswordsafe.engine.database; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.engine.utils.PasswordUtils; import java.io.IOException; @@ -155,8 +154,7 @@ public void update(final Password password, final User modifyingUser, final Acce public void update(final Password password, final AccessControl ac) throws SQLException, GeneralSecurityException, IOException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_PASSWORD_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_PASSWORD_SQL)) { int idx = 1; if (password.isEnabled()) { ps.setString(idx++, null); @@ -174,8 +172,6 @@ public void update(final Password password, final AccessControl ac) ps.setString(idx, password.getId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } @@ -185,8 +181,7 @@ public void delete(final User deletingUser, final Password password) return; } - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL)) { ps.setString(1, password.getId()); ps.executeUpdate(); @@ -195,8 +190,6 @@ public void delete(final User deletingUser, final Password password) TamperproofEventLogDAO.getInstance().create(TamperproofEventLog.LOG_LEVEL_OBJECT_MANIPULATION, deletingUser, null, "Deleted the password " + password.toString(), sendEmail); } - } finally { - DatabaseConnectionUtils.close(ps); } } diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/RestrictedAccessRequestDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/RestrictedAccessRequestDAO.java index 1ab8b03..43f876a 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/RestrictedAccessRequestDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/RestrictedAccessRequestDAO.java @@ -16,6 +16,10 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.engine.database.AccessRole.ApproverSummary; +import com.enterprisepasswordsafe.engine.utils.DateFormatter; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; @@ -23,103 +27,42 @@ import java.util.List; import java.util.Set; -import com.enterprisepasswordsafe.engine.database.AccessRole.ApproverSummary; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.engine.utils.DateFormatter; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * Data access object for the group objects. - */ public final class RestrictedAccessRequestDAO implements ExternalInterface { - /** - * The fields involved in a request. - */ - private static final String SQL_FIELDS = "request_id, item_id, requester_id, approvers_list_id, request_dt_l, viewed_dt_l, reason"; - /** - * SQL to get the reuqest by id - */ private static final String GET_SQL = - "SELECT " + SQL_FIELDS + " " + - " FROM ra_requests " + - " WHERE request_id = ? "; - - /** - * SQL to get any non-expired requests for a user and item. - */ + "SELECT " + SQL_FIELDS + " FROM ra_requests WHERE request_id = ? "; private static final String GET_VALID_REQUEST = - "SELECT " + SQL_FIELDS + " " + - " FROM ra_requests " + - " WHERE item_id = ? " + - " AND requester_id = ?" + - " AND (request_dt_l > ? OR (viewed_dt_l IS NOT NULL AND viewed_dt_l > ?)) "; - - /** - * SQL to get any non-expired requests for a user and item. - */ + "SELECT " + SQL_FIELDS + " FROM ra_requests WHERE item_id = ? " + + " AND requester_id = ? AND (request_dt_l > ? OR (viewed_dt_l IS NOT NULL AND viewed_dt_l > ?)) "; private static final String GET_OUTSTANDING_REQUESTS = - "SELECT rar.request_id, " + - " rar.item_id, " + - " rar.requester_id, " + - " rar.approvers_list_id, " + - " rar.request_dt_l, " + - " rar.viewed_dt_l, " + - " rar.reason "+ - " FROM ra_requests rar, " + - " ra_approver_lists ral " + + "SELECT rar.request_id, rar.item_id, rar.requester_id, rar.approvers_list_id, " + + " rar.request_dt_l, rar.viewed_dt_l, rar.reason "+ + " FROM ra_requests rar, ra_approver_lists ral " + " WHERE (rar.request_dt_l > ? OR (rar.viewed_dt_l IS NOT NULL AND rar.viewed_dt_l > ?)) " + - " AND ral.list_id = rar.approvers_list_id "+ - " AND ral.user_id = ?"; - - /** - * Set the viewed dt for a particular request. - */ + " AND ral.list_id = rar.approvers_list_id AND ral.user_id = ?"; private static final String SET_VIEWED_DT = "UPDATE ra_requests SET viewed_dt_l = ? WHERE request_id = ?"; - /** - * SQL to store the data into the database. - */ - private static final String INSERT_SQL = - "INSERT INTO ra_requests "+ - " (request_id, item_id, requester_id, approvers_list_id, request_dt_l, reason) "+ + "INSERT INTO ra_requests (request_id, item_id, requester_id, approvers_list_id, request_dt_l, reason) "+ " VALUES ( ?, ?, ?, ?, ?, ?)"; - /** - * Constructor. Stores the connection. - * - * @param theConnection The connection used to store the information. - */ - private RestrictedAccessRequestDAO( ) { super(); } - /** - * Gets the lifetime for a RA request. - * - * @return The lifetime for an RA request. - */ - private int getRARLifetime() throws SQLException{ String storedLifetime = ConfigurationDAO.getValue(ConfigurationOption.RAR_LIFETIME); return Integer.parseInt(storedLifetime) * 60; } - - /** - * Constructor. Stores information. - */ - public RestrictedAccessRequest create ( final String itemId, final String requesterId, final String reason, final String ignoreUserId) throws SQLException { @@ -132,18 +75,9 @@ public RestrictedAccessRequest create ( final String itemId, return rar; } - /** - * Store this request in the database - * - * @param conn The connection to the database. - * - * @throws SQLException Thrown if there is a problem accessing the database. - */ - public void store(RestrictedAccessRequest rar) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL)) { ps.setString(1, rar.getRequestId()); ps.setString(2, rar.getItemId()); ps.setString(3, rar.getRequesterId()); @@ -151,126 +85,62 @@ public void store(RestrictedAccessRequest rar) ps.setLong (5, rar.getRequestDT()); ps.setString(6, rar.getReason()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Check for an outstanding request for a user - * - * @param itemId The ID of the item in the database. - * @param requesterId The ID of the person requesting access. - */ - public RestrictedAccessRequest getValidRequest( final String itemId, final String requesterId) throws SQLException { long requestCutoff = DateFormatter.getTimeInPast(getRARLifetime()); - - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_VALID_REQUEST); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_VALID_REQUEST)) { ps.setString(1, itemId); ps.setString(2, requesterId); ps.setLong (3, requestCutoff); ps.setLong (4, requestCutoff); - ResultSet rs = ps.executeQuery(); - try { - if( rs.next() ) { - return new RestrictedAccessRequest(rs, getRARLifetime()); - } - } finally { - DatabaseConnectionUtils.close(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new RestrictedAccessRequest(rs, getRARLifetime()) : null; } - } finally { - DatabaseConnectionUtils.close(ps); } - - return null; } - /** - * Get a restricted access request by its' ID. - * - * @param conn The connection to the database. - * @param id The ID of the request to fetch. - * - * @return The request, or null if it does not exist. - */ - public RestrictedAccessRequest getById( final String id ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_SQL)) { ps.setString(1, id); ps.setMaxRows(1); - ResultSet rs = ps.executeQuery(); - try { - if( rs.next() ) { - return new RestrictedAccessRequest(rs, getRARLifetime()); - } - - return null; - } finally { - DatabaseConnectionUtils.close(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new RestrictedAccessRequest(rs, getRARLifetime()) : null; } - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Set the time the Restricted Access Request password was viewed. - * - * @param rar The restricted access request to mark. - * @param newViewedDT The time the password was viewed. - * - * @throws SQLException Thrown if there is a problem setting the viewed DT. - */ public void setViewedDT(RestrictedAccessRequest rar, final long newViewedDT) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(SET_VIEWED_DT); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(SET_VIEWED_DT)) { ps.setLong (1, newViewedDT); ps.setString(2, rar.getRequestId()); ps.executeUpdate(); rar.setViewedDT(newViewedDT); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Get all the outstanding RA requests for a user. - * - * @param user The user to get the outstanding RA requests. - * - * @return The Set of RA requests. - */ public List getRARsForUser(final User user) throws SQLException { List rars = new ArrayList(); int rarLifetime = getRARLifetime(); long requestCutoff = DateFormatter.getTimeInPast(rarLifetime); - - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_OUTSTANDING_REQUESTS); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_OUTSTANDING_REQUESTS)) { ps.setLong (1, requestCutoff); ps.setLong (2, requestCutoff); ps.setString(3, user.getUserId()); - ResultSet rs = ps.executeQuery(); - try { - while( rs.next() ) { + try(ResultSet rs = ps.executeQuery()) { + while (rs.next()) { rars.add(new RestrictedAccessRequest(rs, rarLifetime)); } return rars; - } finally { - DatabaseConnectionUtils.close(rs); } - } finally { - DatabaseConnectionUtils.close(ps); } } diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessControlDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessControlDAO.java index da205b9..dd37cff 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessControlDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessControlDAO.java @@ -16,7 +16,11 @@ package com.enterprisepasswordsafe.engine.database; -import java.io.IOException; +import com.enterprisepasswordsafe.engine.database.schema.AccessControlDAOInterface; +import com.enterprisepasswordsafe.engine.utils.KeyUtils; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + +import javax.crypto.BadPaddingException; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.security.PrivateKey; @@ -30,130 +34,45 @@ import java.util.logging.Level; import java.util.logging.Logger; -import javax.crypto.BadPaddingException; - -import com.enterprisepasswordsafe.engine.database.schema.AccessControlDAOInterface; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.engine.utils.InvalidLicenceException; -import com.enterprisepasswordsafe.engine.utils.KeyUtils; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * Data access object for the user access control. - */ - public final class UserAccessControlDAO implements ExternalInterface, AccessControlDAOInterface { - /** - * The fields needed in a ResultSet to construct a user access control. - */ - public static final String UAC_FIELDS = " uac.item_id, uac.mkey, uac.rkey, uac.user_id "; public static final int UAC_FIELD_COUNT = 1 + AccessControl.ACCESS_CONTROL_FIELD_COUNT; - /** - * The SQL statement to get a category. - */ - private static final String WRITE_UAC_SQL = - "INSERT INTO user_access_control(user_id, item_id, rkey, mkey)" - + " VALUES( ?, ?, ?, ?)"; - - /** - * The SQL statement to get the uac for a given username/item - * combination. - */ + "INSERT INTO user_access_control(user_id, item_id, rkey, mkey) VALUES( ?, ?, ?, ?)"; private static final String GET_UAC_SQL = - "SELECT " + UAC_FIELDS - + " FROM user_access_control uac " - + " WHERE uac.user_id = ? " - + " AND uac.item_id = ? " + "SELECT " + UAC_FIELDS + " FROM user_access_control uac WHERE uac.user_id = ? AND uac.item_id = ? " + " AND uac.rkey is not null"; - - /** - * The SQL statement to get the uac for a given username/item - * combination. - */ - private static final String GET_ALL_UAC_FOR_USER_SQL = - "SELECT " + UAC_FIELDS - + " FROM user_access_control uac " - + " WHERE uac.user_id = ? "; - - /** - * The SQL to delete a UAC. - */ + "SELECT " + UAC_FIELDS + " FROM user_access_control uac WHERE uac.user_id = ? "; private static final String DELETE_SQL = - "DELETE FROM user_access_control " - + " WHERE user_id = ? " - + " AND item_id = ?"; - - /** - * The SQL to delete all UACs for an item. - */ + "DELETE FROM user_access_control WHERE user_id = ? AND item_id = ?"; private static final String DELETE_ALL_FOR_ITEM_SQL = - "DELETE FROM user_access_control " - + " WHERE item_id = ?"; - - /** - * The SQL to get all group access controls for all groups with access to - * this password. - */ + "DELETE FROM user_access_control WHERE item_id = ?"; private static final String GET_UAC_SUMMARIES_UAC_SQL = - "SELECT uac.rkey, uac.mkey" - + " FROM user_access_control uac " - + " WHERE uac.item_id = ? " - + " AND uac.user_id = ?" - + " AND uac.rkey is not null "; - - /** - * The SQL to get all group access controls for all groups with access to - * this password. - */ + "SELECT uac.rkey, uac.mkey FROM user_access_control uac " + + " WHERE uac.item_id = ? AND uac.user_id = ? AND uac.rkey is not null "; private static final String GET_UAC_SUMMARIES_UAR_SQL = - "SELECT uar.role" - + " FROM user_access_roles uar " - + " WHERE uar.item_id = ? " - + " AND uar.actor_id = ?"; - - /** - * Private constructor to prevent instantiation - */ + "SELECT uar.role FROM user_access_roles uar WHERE uar.item_id = ? AND uar.actor_id = ?"; private UserAccessControlDAO( ) { super(); } - /** - * Create a UAC for a user and password. - * - * @param theUser The user we are creating the UAC for - * @param theObject The object to create the UAC for. - * @throws GeneralSecurityException - * @throws UnsupportedEncodingException - */ - public UserAccessControl create(final User theUser, final AccessControledObject item, boolean allowRead, boolean allowModify) throws SQLException, UnsupportedEncodingException, GeneralSecurityException { return create(theUser, item, allowRead, allowModify, true); } - /** - * Create a UAC for a user and password. - * - * @param theUser The user we are creating the UAC for - * @param theObject The object to create the UAC for. - * @throws GeneralSecurityException - * @throws UnsupportedEncodingException - */ public UserAccessControl create(final User theUser, final AccessControledObject item, final boolean allowRead, final boolean allowModify, final boolean writeToDB) @@ -171,74 +90,31 @@ public UserAccessControl create(final User theUser, final AccessControledObject modifyKey = item.getModifyKey(); } - UserAccessControl newUac = - new UserAccessControl(theUser.getUserId(), item.getId(), modifyKey, item.getReadKey()); + UserAccessControl newUac = new UserAccessControl(theUser.getUserId(), item.getId(), modifyKey, item.getReadKey()); if( writeToDB ) { write( newUac, theUser.getKeyEncrypter() ); } return newUac; } - /** - * Write a UAC for a user. - * - * @param uac The UAC to write - * @param user The user to write the UAC for - * - * @throws SQLException - * @throws GeneralSecurityException - * @throws UnsupportedEncodingException - */ - public void write(final UserAccessControl uac, final User user ) throws SQLException, UnsupportedEncodingException, GeneralSecurityException { write(uac, user.getKeyEncrypter()); } - /** - * Write a UAC for a user. - * - * @param uac The UAC to write - * @param encrypter The encrypter to use to write the entry - * - * @throws SQLException - * @throws GeneralSecurityException - * @throws UnsupportedEncodingException - */ - public void write(final UserAccessControl uac, final Encrypter encrypter ) throws SQLException, UnsupportedEncodingException, GeneralSecurityException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(WRITE_UAC_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(WRITE_UAC_SQL)) { ps.setString(1, uac.getUserId()); ps.setString(2, uac.getItemId()); ps.setBytes (3, KeyUtils.encryptKey(uac.getReadKey(), encrypter)); ps.setBytes (4, KeyUtils.encryptKey(uac.getModifyKey(), encrypter)); ps.executeUpdate(); - } finally { - ps.close(); } } - /** - * Gets the data about an individual user access control. - * - * @param conn - * The connection to the database. - * @param user - * The user for whom the UAC is active - * @param itemId - * The ID of the item to get the UAC for. - * - * @return The user access control. - * - * @throws SQLException Thrown if there is a problem accessing the database. - * @throws GeneralSecurityException Thrown if there is a problem decrypting the data. - * @throws UnsupportedEncodingException - */ - public UserAccessControl getUac(final User user, final AccessControledObject item) throws SQLException, GeneralSecurityException, UnsupportedEncodingException { if (item == null) { @@ -248,98 +124,39 @@ public UserAccessControl getUac(final User user, final AccessControledObject ite return getUac(user, item.getId()); } - /** - * Gets the data about an individual user access control. - * - * @param conn - * The connection to the database. - * @param user - * The user for whom the UAC is active - * @param itemId - * The ID of the item to get the UAC for. - * - * @return The user access control. - * - * @throws SQLException Thrown if there is a problem accessing the database. - * @throws GeneralSecurityException Thrown if there is a problem decrypting the data. - * @throws UnsupportedEncodingException - */ - public UserAccessControl getUac(final User user, final String itemId) throws SQLException, GeneralSecurityException, UnsupportedEncodingException { if (user == null || itemId == null) { return null; } - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SQL)) { ps.setString(1, user.getUserId()); ps.setString(2, itemId); ps.setMaxRows(1); - ResultSet rs = ps.executeQuery(); - try { - if (rs.next()) { - return new UserAccessControl(rs, 1, user); - } - return null; - } finally { - DatabaseConnectionUtils.close(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new UserAccessControl(rs, 1, user) : null; } - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete this access control. - * - * @param conn The connection to the database. - * - * @throws SQLException Thrown if there is a problem accessing the database. - */ - public void delete(UserAccessControl uac) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL)) { ps.setString(1, uac.getUserId()); ps.setString(2, uac.getItemId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete this access control. - * - * @param conn The connection to the database. - * - * @throws SQLException Thrown if there is a problem accessing the database. - */ - public void deleteAllForItem(AccessControledObject aco) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_ALL_FOR_ITEM_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_ALL_FOR_ITEM_SQL)) { ps.setString(1, aco.getId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete this access control. - * - * @param conn The connection to the database. - * - * @throws SQLException Thrown if there is a problem accessing the database. - * - * @throws GeneralSecurityException - * @throws UnsupportedEncodingException - */ - public void updateEncryptionOnKeys(final User user, final Encrypter encrypter) throws SQLException, UnsupportedEncodingException, GeneralSecurityException { if (user == null) { @@ -347,11 +164,9 @@ public void updateEncryptionOnKeys(final User user, final Encrypter encrypter) } List encryptionList = new ArrayList(); - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ALL_UAC_FOR_USER_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_ALL_UAC_FOR_USER_SQL)) { ps.setString(1, user.getUserId()); - ResultSet rs = ps.executeQuery(); - try { + try(ResultSet rs = ps.executeQuery()) { while(rs.next()) { try { final UserAccessControl ac = new UserAccessControl(rs, 1, user); @@ -362,11 +177,7 @@ public void updateEncryptionOnKeys(final User user, final Encrypter encrypter) Logger.getAnonymousLogger().log(Level.SEVERE, "User "+user.getUserName()+" encountered a problem on key update.", e); } } - } finally { - DatabaseConnectionUtils.close(rs); } - } finally { - DatabaseConnectionUtils.close(ps); } for(UserAccessControl ac : encryptionList ) { @@ -374,29 +185,12 @@ public void updateEncryptionOnKeys(final User user, final Encrypter encrypter) } } - /** - * Get a sorted user set of access summaries for this password. - * - * @param conn - * The connection to the database. - * - * @return The Set of access summaries. - * - * @throws SQLException - * Thrown if there is a problem accessing the database. - * @throws GeneralSecurityException - * Thrown if there is a problem with the access credentials. - * @throws UnsupportedEncodingException - */ - public Set getSummaries(final AccessControledObject item) throws GeneralSecurityException, SQLException, UnsupportedEncodingException { Set summaries = new TreeSet(); - PreparedStatement uacPS = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SUMMARIES_UAC_SQL); - try { - PreparedStatement uarPS = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SUMMARIES_UAR_SQL); - try { + try(PreparedStatement uacPS = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SUMMARIES_UAC_SQL)) { + try(PreparedStatement uarPS = BOMFactory.getCurrentConntection().prepareStatement(GET_UAC_SUMMARIES_UAR_SQL)) { uacPS.setString(1, item.getId()); uarPS.setString(1, item.getId()); @@ -405,23 +199,19 @@ public Set getSummaries(final AccessControledObject item) boolean canModify = false; uacPS.setString(2, thisUser.getUserId()); uacPS.setMaxRows(1); - ResultSet rs = uacPS.executeQuery(); - try { + try(ResultSet rs = uacPS.executeQuery()) { if( rs.next() ) { rs.getBytes(1); // Read the read key canRead = (rs.wasNull() == false); rs.getBytes(2); // Read the modify key canModify = (rs.wasNull() == false); } - } finally { - DatabaseConnectionUtils.close(rs); } boolean canApproveRARequest = false; boolean canViewHistory = false; uarPS.setString(2, thisUser.getUserId()); - rs = uarPS.executeQuery(); - try { + try(ResultSet rs = uarPS.executeQuery()) { while( rs.next() ) { String role = rs.getString(1); if( rs.wasNull() ) { @@ -434,62 +224,23 @@ public Set getSummaries(final AccessControledObject item) canViewHistory = true; } } - } finally { - DatabaseConnectionUtils.close(rs); } - AccessSummary gas = - new AccessSummary( - thisUser.getUserId(), - thisUser.getUserName(), - canRead, - canModify, - canApproveRARequest, - canViewHistory - ); + AccessSummary gas = new AccessSummary(thisUser.getUserId(), thisUser.getUserName(), + canRead, canModify, canApproveRARequest, canViewHistory); summaries.add(gas); } return summaries; - } finally { - DatabaseConnectionUtils.close(uarPS); } - } finally { - DatabaseConnectionUtils.close(uacPS); } } - /** - * Writes a UAC entry to the database. - * - * @param uac The UAC to write. - * @param user The user to encrypt it for. - * - * @throws SQLException Thrown if there is a problem accessing thda database. - * @throws GeneralSecurityException Thrown if there is a problem encrypting the user data. - * @throws UnsupportedEncodingException - * @throws InvalidLicenceException Thrown if the licence is not valid. - * @throws IOException Thrown if there is an IO problem. - */ - public void update(final User user, final UserAccessControl uac) throws SQLException, GeneralSecurityException, UnsupportedEncodingException { update(uac, user.getKeyEncrypter()); } - /** - * Writes a UAC entry to the database. - * - * @param conn The connection to the database. - * @param uac The UAC to write. - * - * @throws SQLException Thrown if there is a problem accessing thda database. - * @throws GeneralSecurityException Thrown if there is a problem encrypting the user data. - * @throws UnsupportedEncodingException - * @throws InvalidLicenceException Thrown if the licence is not valid. - * @throws IOException Thrown if there is an IO problem. - */ - public void update(final UserAccessControl uac, final Encrypter encrypter) throws SQLException, GeneralSecurityException, UnsupportedEncodingException { // TODO: Look at improved update diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessRoleDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessRoleDAO.java index 405d21b..8eaf2e1 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessRoleDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/UserAccessRoleDAO.java @@ -16,14 +16,10 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.sql.PreparedStatement; -import java.sql.ResultSet; import java.sql.SQLException; -import java.util.HashMap; -import java.util.Map; - -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.proguard.ExternalInterface; public class UserAccessRoleDAO extends AbstractAccessRoleDAO @@ -57,27 +53,21 @@ public UserAccessRole create(final String itemId, final String actorId, final St public void store( final UserAccessRole role ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(INSERT_SQL)) { ps.setString(1, role.getItemId()); ps.setString(2, role.getActorId()); ps.setString(3, role.getRole()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } public void update( final UserAccessRole role ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL)) { ps.setString(1, role.getRole()); ps.setString(2, role.getActorId()); ps.setString(3, role.getItemId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/UserIPZoneRestrictionDAO.java b/src/main/java/com/enterprisepasswordsafe/engine/database/UserIPZoneRestrictionDAO.java index fbf91a3..2d8d018 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/UserIPZoneRestrictionDAO.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/UserIPZoneRestrictionDAO.java @@ -16,6 +16,8 @@ package com.enterprisepasswordsafe.engine.database; +import com.enterprisepasswordsafe.proguard.ExternalInterface; + import java.net.UnknownHostException; import java.security.GeneralSecurityException; import java.sql.PreparedStatement; @@ -26,93 +28,34 @@ import java.util.List; import java.util.Map; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; -import com.enterprisepasswordsafe.proguard.ExternalInterface; - -/** - * Data access object for the user objects. - */ public final class UserIPZoneRestrictionDAO implements ExternalInterface { - /** - * SQL to get a restriction based on an ip address and user id. - */ - private static final String GET_BY_USER_ID_AND_IP_SQL = - "SELECT uipz.ip_zone_id, uipz.user_id, uipz.setting " - + " FROM user_ip_zones uipz, " - + " ip_zones ipz " - + " WHERE ipz.ip_version = ? " - + " AND ipz.ip_start <= ? " - + " AND ipz.ip_end >= ? " - + " AND ipz.ip_zone_id = uipz.ip_zone_id " - + " AND uipz.user_id = ?"; - + "SELECT uipz.ip_zone_id, uipz.user_id, uipz.setting FROM user_ip_zones uipz, ip_zones ipz " + + " WHERE ipz.ip_version = ? AND ipz.ip_start <= ? AND ipz.ip_end >= ? " + + " AND ipz.ip_zone_id = uipz.ip_zone_id AND uipz.user_id = ?"; - /** - * SQL to get a restriction by it's zone and user id. - */ private static final String GET_BY_ZONE_AND_USER_SQL = - "SELECT ip_zone_id, user_id, setting " - + " FROM user_ip_zones " - + " WHERE ip_zone_id = ?" - + " AND user_id = ?"; - - /** - * SQL to get the restrictions for a user. - */ + "SELECT ip_zone_id, user_id, setting FROM user_ip_zones WHERE ip_zone_id = ? AND user_id = ?"; private static final String GET_BY_USER_ID_SQL = - "SELECT ip_zone_id, setting " - + " FROM user_ip_zones " - + " WHERE user_id = ?"; - - /** - * SQL to store the IP zone - */ + "SELECT ip_zone_id, setting FROM user_ip_zones WHERE user_id = ?"; private static final String STORE_SQL = - "INSERT INTO user_ip_zones(ip_zone_id, user_id, setting) " - + " VALUES ( ?, ?, ? )"; - - /** - * SQL to update the IP Zone - */ + "INSERT INTO user_ip_zones(ip_zone_id, user_id, setting) VALUES( ?, ?, ? )"; private static final String UPDATE_SQL = - "UPDATE user_ip_zones "+ - " SET setting = ? "+ - " WHERE ip_zone_id = ?" + - " AND user_id = ?"; - - /** - * SQL to delete a zone. - */ + "UPDATE user_ip_zones SET setting = ? WHERE ip_zone_id = ? AND user_id = ?"; private static final String DELETE_SQL = - "DELETE FROM user_ip_zones " - +" WHERE ip_zone_id = ? " - +" AND user_id = ?"; - - /** - * Private constructor to prevent instantiation - */ + "DELETE FROM user_ip_zones WHERE ip_zone_id = ? AND user_id = ?"; private UserIPZoneRestrictionDAO() { super(); } - - /** - * Cretae a new restriction - * - * @param theZoneId The ID of the zone for this restriction. - * @param theUserId The ID of the user for this restriction. - * @param theRule The restruction rule. - */ - public final UserIPZoneRestriction create( final String zoneId, final String userId, final int rule ) throws SQLException { UserIPZoneRestriction ipzr = new UserIPZoneRestriction(zoneId, userId, rule); @@ -120,15 +63,6 @@ public final UserIPZoneRestriction create( final String zoneId, final String use return ipzr; } - /** - * Get the list of restrictions for a user from an address. - * - * @param id The ID of the user to check. - * @param ip The IP address to check for. - * - * @return The list of applicable restrictions. - */ - public final List getApplicable( final String id, final String ip ) throws SQLException, UnknownHostException, GeneralSecurityException { @@ -142,133 +76,67 @@ public final List getApplicable( final String id, final S dbString = IPZone.convertIP4ToDBString(ip); } - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_USER_ID_AND_IP_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_USER_ID_AND_IP_SQL)) { ps.setInt (1, ipVersion); ps.setString (2, dbString); ps.setString (3, dbString); ps.setString (4, id); - ResultSet rs = ps.executeQuery(); - try { + try(ResultSet rs = ps.executeQuery()) { List results = new ArrayList(); while(rs.next()) { results.add(new UserIPZoneRestriction(rs)); } return results; - } finally { - DatabaseConnectionUtils.close(rs); } - } finally { - DatabaseConnectionUtils.close(ps); } } - - /** - * Store this restriction in the database - * - * @param conn The connection to the database. - */ - public void store( final UserIPZoneRestriction ipzr ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(STORE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(STORE_SQL)) { ps.setString(1, ipzr.getZoneId()); ps.setString(2, ipzr.getUserId()); ps.setInt (3, ipzr.getRule()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - - /** - * Update the data stored in the database. - * - * @param conn The connection to the database. - */ - public void update( final UserIPZoneRestriction ipzr ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(UPDATE_SQL)) { ps.setInt (1, ipzr.getRule()); ps.setString(2, ipzr.getZoneId()); ps.setString(3, ipzr.getUserId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - /** - * Delete this zone from the database - * - * @param conn The connection to the database. - */ - public void delete( final UserIPZoneRestriction ipzr ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(DELETE_SQL)) { ps.setString(1, ipzr.getZoneId()); ps.setString(2, ipzr.getUserId()); ps.executeUpdate(); - } finally { - DatabaseConnectionUtils.close(ps); } } - - /** - * Get a restriction by from a zone and user id. - * - * @param conn The connection to the database. - * @param userId The ID of the user to get the restriction for. - * @param zoneId The ID of the zone to get the restriction for. - */ - public final UserIPZoneRestriction getByZoneAndUser( final String userId, final String zoneId ) throws SQLException { - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_ZONE_AND_USER_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_ZONE_AND_USER_SQL)) { ps.setString(1, zoneId); ps.setString(2, userId); - ResultSet rs = ps.executeQuery(); - try { - if(!rs.next()) { - return null; - } - - return new UserIPZoneRestriction(rs); - } finally { - DatabaseConnectionUtils.close(rs); + try(ResultSet rs = ps.executeQuery()) { + return rs.next() ? new UserIPZoneRestriction(rs) : null; } - } finally { - DatabaseConnectionUtils.close(ps); } } - - /** - * Get the list of rules for a particular user - * - * @param id The ID of the user to get the zone information for. - * - * @return The map of groups to known permissions. - */ - public final Map getRulesForUser( final String id ) throws SQLException { Map rules = new HashMap(); - - PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_USER_ID_SQL); - try { + try(PreparedStatement ps = BOMFactory.getCurrentConntection().prepareStatement(GET_BY_USER_ID_SQL)) { ps.setString(1, id); - ResultSet rs = ps.executeQuery(); - try { + try(ResultSet rs = ps.executeQuery()) { while( rs.next() ) { String zoneId = rs.getString(1); int rule = rs.getInt(2); @@ -280,11 +148,7 @@ public final Map getRulesForUser( final String id ) throws SQLExc } } } - } finally { - DatabaseConnectionUtils.close(rs); } - } finally { - DatabaseConnectionUtils.close(ps); } return rules; diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/schema/HierarchyTable.java b/src/main/java/com/enterprisepasswordsafe/engine/database/schema/HierarchyTable.java index 8142c24..6f40bfd 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/schema/HierarchyTable.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/schema/HierarchyTable.java @@ -26,7 +26,6 @@ import com.enterprisepasswordsafe.engine.database.HierarchyNode; import com.enterprisepasswordsafe.engine.dbabstraction.ColumnSpecification; import com.enterprisepasswordsafe.engine.dbabstraction.IndexSpecification; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; import com.enterprisepasswordsafe.engine.utils.IDGenerator; public final class HierarchyTable diff --git a/src/main/java/com/enterprisepasswordsafe/engine/database/schema/PasswordsTable.java b/src/main/java/com/enterprisepasswordsafe/engine/database/schema/PasswordsTable.java index 7322134..80753b2 100644 --- a/src/main/java/com/enterprisepasswordsafe/engine/database/schema/PasswordsTable.java +++ b/src/main/java/com/enterprisepasswordsafe/engine/database/schema/PasswordsTable.java @@ -23,7 +23,6 @@ import com.enterprisepasswordsafe.engine.database.BOMFactory; import com.enterprisepasswordsafe.engine.dbabstraction.ColumnSpecification; import com.enterprisepasswordsafe.engine.dbabstraction.IndexSpecification; -import com.enterprisepasswordsafe.engine.utils.DatabaseConnectionUtils; public final class PasswordsTable extends AbstractTable{ diff --git a/src/main/java/com/enterprisepasswordsafe/engine/utils/DatabaseConnectionUtils.java b/src/main/java/com/enterprisepasswordsafe/engine/utils/DatabaseConnectionUtils.java deleted file mode 100644 index 8809002..0000000 --- a/src/main/java/com/enterprisepasswordsafe/engine/utils/DatabaseConnectionUtils.java +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 2017 Carbon Security Ltd. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -package com.enterprisepasswordsafe.engine.utils; - -import java.sql.Connection; -import java.sql.ResultSet; -import java.sql.Statement; -import java.util.logging.Level; -import java.util.logging.Logger; - -/** - * Utility class for handling JDBC objects. - */ -public final class DatabaseConnectionUtils { - - /** - * Private constructor to avoid instanciation by other classes. - */ - - private DatabaseConnectionUtils() { } - - /** - * Closes a PreparedStatement without throwing an exception. - * - * @param stmt - * The PreparedStatement to close. - */ - - public static void close(final Statement stmt) { - if (stmt == null) { - return; - } - - try { - stmt.close(); - } catch (Exception excpt) { - Logger.getLogger(DatabaseConnectionUtils.class.getName()).log(Level.WARNING, "Error closing Statement", excpt); - } - } - - /** - * Closes a ResulSet without throwing an exception. - * - * @param rs - * The PreparedStatement to close. - */ - - public static void close(final ResultSet rs) { - if (rs == null) { - return; - } - - try { - rs.close(); - } catch (Exception excpt) { - Logger.getLogger(DatabaseConnectionUtils.class.getName()).log(Level.WARNING, "Error closing ResultSet", excpt); - } - } - - /** - * Closes a Connection without throwing an exception. - * - * @param conn - * The Connection to close. - */ - - public static void close(final Connection conn) { - if (conn == null) { - return; - } - - try { - conn.close(); - } catch (Exception excpt) { - Logger.getLogger(DatabaseConnectionUtils.class.getName()).log(Level.WARNING, "Error closing Connection", excpt); - } - } - -}