changed to not use HQL, plus general persistence and transaction impr…

…ovements
grails · Sep 30, 2013 · 4f3ca40 · 4f3ca40
1 parent 598b6ed
commit 4f3ca40
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 57 deletions.
diff --git a/grails-app/domain/test/TestUserRole.groovy b/grails-app/domain/test/TestUserRole.groovy
@@ -21,6 +21,8 @@ import org.apache.commons.lang.builder.HashCodeBuilder
  */
 class TestUserRole implements Serializable {
 
+	private static final long serialVersionUID = 1
+
 	TestUser user
 	TestRole role
 
@@ -40,30 +42,36 @@ class TestUserRole implements Serializable {
 	}
 
 	static TestUserRole get(long userId, long roleId) {
-		find 'from TestUserRole where user.id=:userId and role.id=:roleId',
-			[userId: userId, roleId: roleId]
+		TestUserRole.where {
+			user == TestUser.load(userId) &&
+			role == TestRole.load(roleId)
+		}.get()
 	}
 
 	static TestUserRole create(TestUser user, TestRole role, boolean flush = false) {
 		new TestUserRole(user: user, role: role).save(flush: flush, insert: true)
 	}
 
-	static boolean remove(TestUser user, TestRole role, boolean flush = false) {
-		TestUserRole instance = TestUserRole.findByUserAndRole(user, role)
-		if (!instance) {
-			return false
-		}
+	static boolean remove(TestUser u, TestRole r, boolean flush = false) {
 
-		instance.delete(flush: flush)
-		true
-	}
+		int rowCount = TestUserRole.where {
+			user == TestUser.load(u.id) &&
+			role == TestRole.load(r.id)
+		}.deleteAll()
 
-	static void removeAll(TestUser user) {
-		executeUpdate "DELETE FROM TestUserRole WHERE user=:user", [user: user]
+		rowCount > 0
+	}
+
+	static void removeAll(TestUser u) {
+		TestUserRole.where {
+			user == TestUser.load(u.id)
+		}.deleteAll()
 	}
 
-	static void removeAll(TestRole role) {
-		executeUpdate 'DELETE FROM TestUserRole WHERE role=:role', [role: role]
+	static void removeAll(TestRole r) {
+		TestUserRole.where {
+			role == TestRole.load(r.id)
+		}.deleteAll()
 	}
 
 	static mapping = {

diff --git a/grails-app/services/grails/plugin/springsecurity/SpringSecurityService.groovy b/grails-app/services/grails/plugin/springsecurity/SpringSecurityService.groovy
@@ -18,6 +18,7 @@ import javax.servlet.http.HttpServletRequest
 
 import org.springframework.security.core.Authentication
 import org.springframework.security.core.context.SecurityContextHolder as SCH
+import org.springframework.transaction.annotation.Transactional
 
 /**
  * Utility methods.
@@ -26,8 +27,6 @@ import org.springframework.security.core.context.SecurityContextHolder as SCH
  */
 class SpringSecurityService {
 
-	static transactional = false
-
 	/** dependency injection for authenticationTrustResolver */
 	def authenticationTrustResolver
 
@@ -75,13 +74,17 @@ class SpringSecurityService {
 		}
 
 		String className = SpringSecurityUtils.securityConfig.userLookup.userDomainClassName
-		grailsApplication.getClassForName(className).get(principal.id)
+		String usernamePropName = SpringSecurityUtils.securityConfig.userLookup.usernamePropertyName
+		grailsApplication.getClassForName(className).findWhere((usernamePropName): principal.username)
 	}
 
 	/**
 	 * Encode the password using the configured PasswordEncoder.
 	 */
 	String encodePassword(String password, salt = null) {
+		if ('bcrypt' == SpringSecurityUtils.securityConfig.password.algorithm) {
+			salt = null
+		}
 		passwordEncoder.encodePassword password, salt
 	}
 
@@ -109,35 +112,34 @@ class SpringSecurityService {
 	 *
 	 * @param role the role to delete
 	 */
+	@Transactional
 	void deleteRole(role) {
 		def conf = SpringSecurityUtils.securityConfig
 		String configAttributeName = conf.requestMap.configAttributeField
 		String authorityFieldName = conf.authority.nameField
 
-		role.getClass().withTransaction { status ->
-			if (SpringSecurityUtils.securityConfigType == 'Requestmap') {
-				String roleName = role."$authorityFieldName"
-				def requestmaps = findRequestmapsByRole(roleName, role.getClass(), conf)
-				for (rm in requestmaps) {
-					String configAttribute = rm."$configAttributeName"
-					if (configAttribute.equals(roleName)) {
-						rm.delete()
-					}
-					else {
-						List parts = configAttribute.split(',')
-						parts.remove roleName
-						rm."$configAttributeName" = parts.join(',')
-					}
+		if (SpringSecurityUtils.securityConfigType == 'Requestmap') {
+			String roleName = role."$authorityFieldName"
+			def requestmaps = findRequestmapsByRole(roleName, conf)
+			for (rm in requestmaps) {
+				String configAttribute = rm."$configAttributeName"
+				if (configAttribute.equals(roleName)) {
+					rm.delete(flush: true)
+				}
+				else {
+					List parts = configAttribute.split(',')*.trim()
+					parts.remove roleName
+					rm."$configAttributeName" = parts.join(',')
 				}
-				clearCachedRequestmaps()
 			}
+			clearCachedRequestmaps()
+		}
 
-			// remove the role grant from all users
-			def joinClass = grailsApplication.getClassForName(conf.userLookup.authorityJoinClassName)
-			joinClass.removeAll role
+		// remove the role grant from all users
+		def joinClass = grailsApplication.getClassForName(conf.userLookup.authorityJoinClassName)
+		joinClass.removeAll role
 
-			role.delete(flush: true)
-		}
+		role.delete(flush: true)
 	}
 
 	/**
@@ -147,6 +149,7 @@ class SpringSecurityService {
 	 * @param role the role to update
 	 * @param newProperties the new role attributes ('params' from the calling controller)
 	 */
+	@Transactional
 	boolean updateRole(role, newProperties) {
 
 		def conf = SpringSecurityUtils.securityConfig
@@ -164,7 +167,7 @@ class SpringSecurityService {
 		if (SpringSecurityUtils.securityConfigType == 'Requestmap') {
 			String newRoleName = role."$authorityFieldName"
 			if (newRoleName != oldRoleName) {
-				def requestmaps = findRequestmapsByRole(oldRoleName, role.getClass(), conf)
+				def requestmaps = findRequestmapsByRole(oldRoleName, conf)
 				for (rm in requestmaps) {
 					rm."$configAttributeName" = rm."$configAttributeName".replace(oldRoleName, newRoleName)
 				}
@@ -197,12 +200,11 @@ class SpringSecurityService {
 		SpringSecurityUtils.isAjax request
 	}
 
-	private List findRequestmapsByRole(String roleName, domainClass, conf) {
-		String requestmapClassName = conf.requestMap.className
+	protected List findRequestmapsByRole(String roleName, conf) {
+		def domainClass = grailsApplication.getClassForName(conf.requestMap.className)
 		String configAttributeName = conf.requestMap.configAttributeField
-		return domainClass.executeQuery(
-				"SELECT rm FROM $requestmapClassName rm " +
-				"WHERE rm.$configAttributeName LIKE :roleName",
-				[roleName: "%$roleName%"])
+		domainClass.withCriteria {
+			like configAttributeName, "%$roleName%"
+		}
 	}
 }
diff --git a/src/templates/PersonAuthority.groovy.template b/src/templates/PersonAuthority.groovy.template
@@ -26,30 +26,36 @@ class ${userClassName}${roleClassName} implements Serializable {
 	}
 
 	static ${userClassName}${roleClassName} get(long ${userClassProperty}Id, long ${roleClassProperty}Id) {
-		find 'from ${userClassName}${roleClassName} where ${userClassProperty}.id=:${userClassProperty}Id and ${roleClassProperty}.id=:${roleClassProperty}Id',
-			[${userClassProperty}Id: ${userClassProperty}Id, ${roleClassProperty}Id: ${roleClassProperty}Id]
+		${userClassName}${roleClassName}.where {
+			${userClassProperty} == ${userClassName}.load(${userClassProperty}Id) &&
+			${roleClassProperty} == ${roleClassName}.load(${roleClassProperty}Id)
+		}.get()
 	}
 
 	static ${userClassName}${roleClassName} create(${userClassName} ${userClassProperty}, ${roleClassName} ${roleClassProperty}, boolean flush = false) {
 		new ${userClassName}${roleClassName}(${userClassProperty}: ${userClassProperty}, ${roleClassProperty}: ${roleClassProperty}).save(flush: flush, insert: true)
 	}
 
-	static boolean remove(${userClassName} ${userClassProperty}, ${roleClassName} ${roleClassProperty}, boolean flush = false) {
-		${userClassName}${roleClassName} instance = ${userClassName}${roleClassName}.findBy${userClassName}And${roleClassName}(${userClassProperty}, ${roleClassProperty})
-		if (!instance) {
-			return false
-		}
+	static boolean remove(${userClassName} u, ${roleClassName} r, boolean flush = false) {
+
+		int rowCount = ${userClassName}${roleClassName}.where {
+			${userClassProperty} == ${userClassName}.load(u.id) &&
+			${roleClassProperty} == ${roleClassName}.load(r.id)
+		}.deleteAll()
 
-		instance.delete(flush: flush)
-		true
+		rowCount > 0
 	}
 
-	static void removeAll(${userClassName} ${userClassProperty}) {
-		executeUpdate 'DELETE FROM ${userClassName}${roleClassName} WHERE ${userClassProperty}=:${userClassProperty}', [${userClassProperty}: ${userClassProperty}]
+	static void removeAll(${userClassName} u) {
+		${userClassName}${roleClassName}.where {
+			${userClassProperty} == ${userClassName}.load(u.id)
+		}.deleteAll()
 	}
 
-	static void removeAll(${roleClassName} ${roleClassProperty}) {
-		executeUpdate 'DELETE FROM ${userClassName}${roleClassName} WHERE ${roleClassProperty}=:${roleClassProperty}', [${roleClassProperty}: ${roleClassProperty}]
+	static void removeAll(${roleClassName} r) {
+		${userClassName}${roleClassName}.where {
+			${roleClassProperty} == ${roleClassName}.load(r.id)
+		}.deleteAll()
 	}
 
 	static mapping = {