public static void rollbackTransaction() {
OGraphDatabase db = getConnection();
if (isInTransaction()) {
Logger.trace("Rollback transaction");
db.rollback();
}
}
public static void requestTransaction() {
OGraphDatabase db = getConnection();
if (!isInTransaction()) {
Logger.trace("Begin transaction");
db.begin();
}
}
public static void commitTransaction() {
OGraphDatabase db = getConnection();
if (isInTransaction()) {
Logger.trace("Commit transaction");
db.commit();
}
}
public static void dropOrientDefault() {
Logger.trace("Method Start");
OGraphDatabase db = DbHelper.getConnection();
db.getMetadata().getSecurity().dropUser("reader");
db.getMetadata().getSecurity().dropUser("writer");
db.getMetadata().getSecurity().dropRole("reader");
db.getMetadata().getSecurity().dropRole("writer");
Logger.trace("Method End");
}
@Test
public void multipleDatabasesSameThread() throws IOException {
OGraphDatabase db1 = OGraphDatabasePool.global().acquire(DB_URL, "admin", "admin");
ODocument doc1 = db1.createVertex();
doc1.field("key", "value");
doc1.save();
db1.close();
OGraphDatabase db2 = OGraphDatabasePool.global().acquire(DB_URL, "admin", "admin");
ODocument doc2 = db2.createVertex();
doc2.field("key", "value");
doc2.save();
db2.close();
db1 = OGraphDatabasePool.global().acquire(DB_URL, "admin", "admin");
final List<?> result =
db1.query(
new OSQLSynchQuery<ODocument>(
"select out[weight=3].size() from V where out.size() > 0"));
doc1 = db1.createVertex();
doc1.field("newkey", "newvalue");
doc1.save();
db1.close();
}
public static void createDefaultUsers() throws Exception {
Logger.trace("Method Start");
// the baasbox default user used to connect to the DB like anonymous user
String username = BBConfiguration.getBaasBoxUsername();
String password = BBConfiguration.getBaasBoxPassword();
UserService.signUp(
username, password, DefaultRoles.ANONYMOUS_USER.toString(), null, null, null, null);
OGraphDatabase db = DbHelper.getConnection();
OUser admin = db.getMetadata().getSecurity().getUser("admin");
admin.setPassword(BBConfiguration.configuration.getString(BBConfiguration.ADMIN_PASSWORD));
admin.save();
Logger.trace("Method End");
}
public static OCommandRequest selectCommandBuilder(
String from, boolean count, QueryParams criteria) throws SqlInjectionException {
OGraphDatabase db = DbHelper.getConnection();
OCommandRequest command =
db.command(
new OSQLSynchQuery<ODocument>(selectQueryBuilder(from, count, criteria))
.setFetchPlan(fetchPlan.replace("?", criteria.getDepth().toString())));
if (!command.isIdempotent()) throw new SqlInjectionException();
Logger.debug("commandBuilder: ");
Logger.debug(" " + criteria.toString());
Logger.debug(" " + command.toString());
return command;
}
@Test
public void testQueryIsolation() {
OGraphDatabase db = new OGraphDatabase(url);
db.open("admin", "admin");
try {
db.begin();
ODocument v1 = db.createVertex();
v1.field("purpose", "testQueryIsolation");
v1.save();
if (!url.startsWith("remote")) {
List<OIdentifiable> result =
db.query(
new OSQLSynchQuery<Object>("select from V where purpose = 'testQueryIsolation'"));
Assert.assertEquals(result.size(), 1);
}
db.commit();
List<OIdentifiable> result =
db.query(
new OSQLSynchQuery<Object>("select from V where purpose = 'testQueryIsolation'"));
Assert.assertEquals(result.size(), 1);
} finally {
db.close();
}
}
public static void populateDB(OGraphDatabase db) throws IOException {
Logger.info("Populating the db...");
InputStream is;
if (Play.application().isProd()) is = Play.application().resourceAsStream(SCRIPT_FILE_NAME);
else is = new FileInputStream(Play.application().getFile("conf/" + SCRIPT_FILE_NAME));
List<String> script = IOUtils.readLines(is, "UTF-8");
is.close();
for (String line : script) {
Logger.debug(line);
if (!line.startsWith("--") && !line.trim().isEmpty()) { // skip comments
db.command(new OCommandSQL(line.replace(';', ' '))).execute();
}
}
Logger.info("...done");
}
@Test
public void deletesWithinTransactionArentWorking() throws IOException {
OGraphDatabase db = new OGraphDatabase(url);
db.open("admin", "admin");
try {
if (db.getVertexType("Foo") == null) db.createVertexType("Foo");
if (db.getVertexType("Bar") == null) db.createVertexType("Bar");
if (db.getVertexType("Sees") == null) db.createEdgeType("Sees");
// Commenting out the transaction will result in the test succeeding.
db.begin(TXTYPE.OPTIMISTIC);
ODocument foo = (ODocument) db.createVertex("Foo").field("prop", "test1").save();
// Comment out these two lines and the test will succeed. The issue appears to be related to
// an edge
// connecting a deleted vertex during a transaction
ODocument bar = (ODocument) db.createVertex("Bar").field("prop", "test1").save();
ODocument sees = db.createEdge(foo, bar, "Sees");
db.commit();
List<ODocument> foos = db.query(new OSQLSynchQuery("select * from Foo"));
Assert.assertEquals(foos.size(), 1);
db.begin(TXTYPE.OPTIMISTIC);
db.removeVertex(foos.get(0));
db.commit();
} finally {
db.close();
}
}
@Test
public void testConsistencyOnDelete() {
OGraphDatabase db = new OGraphDatabase(url);
db.open("admin", "admin");
if (db.getVertexType("Foo") == null) db.createVertexType("Foo");
try {
// Step 1
// Create several foo's
db.createVertex("Foo").field("address", "test1").save();
db.createVertex("Foo").field("address", "test2").save();
db.createVertex("Foo").field("address", "test3").save();
// just show what is there
List<ODocument> result = db.query(new OSQLSynchQuery<ODocument>("select * from Foo"));
for (ODocument d : result) {
System.out.println("Vertex: " + d);
}
// remove those foos in a transaction
// Step 2
db.begin(TXTYPE.OPTIMISTIC);
// Step 3a
result = db.query(new OSQLSynchQuery<ODocument>("select * from Foo where address = 'test1'"));
Assert.assertEquals(1, result.size());
// Step 4a
db.removeVertex(result.get(0));
// Step 3b
result = db.query(new OSQLSynchQuery<ODocument>("select * from Foo where address = 'test2'"));
Assert.assertEquals(1, result.size());
// Step 4b
db.removeVertex(result.get(0));
// Step 3c
result = db.query(new OSQLSynchQuery<ODocument>("select * from Foo where address = 'test3'"));
Assert.assertEquals(1, result.size());
// Step 4c
db.removeVertex(result.get(0));
// Step 6
db.commit();
// just show what is there
result = db.query(new OSQLSynchQuery<ODocument>("select * from Foo"));
for (ODocument d : result) {
System.out.println("Vertex: " + d);
}
} finally {
db.close();
}
}
/**
* * Login the user. parameters: username password appcode: the App Code (API KEY) login_data:
* json serialized string containing info related to the device used by the user. In particular,
* for push notification, must by supplied: deviceId os: (android|ios)
*
* @return
* @throws SqlInjectionException
*/
@With({NoUserCredentialWrapFilter.class})
@BodyParser.Of(BodyParser.FormUrlEncoded.class)
public static Result login() throws SqlInjectionException {
Map<String, String[]> body = request().body().asFormUrlEncoded();
if (body == null) return badRequest("missing data: is the body x-www-form-urlencoded?");
String username = "";
String password = "";
String appcode = "";
String loginData = null;
if (body.get("username") == null) return badRequest("The 'username' field is missing");
else username = body.get("username")[0];
if (body.get("password") == null) return badRequest("The 'password' field is missing");
else password = body.get("password")[0];
if (body.get("appcode") == null) return badRequest("The 'appcode' field is missing");
else appcode = body.get("appcode")[0];
Logger.debug("Username " + username);
Logger.debug("Password " + password);
Logger.debug("Appcode" + appcode);
if (username.equalsIgnoreCase(BBConfiguration.getBaasBoxAdminUsername())
|| username.equalsIgnoreCase(BBConfiguration.getBaasBoxAdminUsername()))
return forbidden(username + " cannot login");
if (body.get("login_data") != null) loginData = body.get("login_data")[0];
Logger.debug("LoginData" + loginData);
/* other useful parameter to receive and to store...*/
// validate user credentials
OGraphDatabase db = null;
try {
db = DbHelper.open(appcode, username, password);
if (loginData != null) {
JsonNode loginInfo = null;
try {
loginInfo = Json.parse(loginData);
} catch (Exception e) {
Logger.debug("Error parsong login_data field");
Logger.debug(ExceptionUtils.getFullStackTrace(e));
return badRequest("login_data field is not a valid json string");
}
Iterator<Entry<String, JsonNode>> it = loginInfo.getFields();
HashMap<String, Object> data = new HashMap<String, Object>();
while (it.hasNext()) {
Entry<String, JsonNode> element = it.next();
String key = element.getKey();
Object value = element.getValue().asText();
data.put(key, value);
}
UserService.registerDevice(data);
}
} catch (OSecurityAccessException e) {
Logger.debug("UserLogin: "******"user " + username + " unauthorized");
} catch (InvalidAppCodeException e) {
Logger.debug("UserLogin: "******"user " + username + " unauthorized");
} finally {
if (db != null && !db.isClosed()) db.close();
}
ImmutableMap<SessionKeys, ? extends Object> sessionObject =
SessionTokenProvider.getSessionTokenProvider().setSession(appcode, username, password);
response()
.setHeader(SessionKeys.TOKEN.toString(), (String) sessionObject.get(SessionKeys.TOKEN));
ObjectNode result = Json.newObject();
result.put(SessionKeys.TOKEN.toString(), (String) sessionObject.get(SessionKeys.TOKEN));
return ok(result);
}
public static boolean isInTransaction() {
OGraphDatabase db = getConnection();
return !(db.getTransaction() instanceof OTransactionNoTx);
}
public static void createDefaultRoles() {
Logger.trace("Method Start");
OGraphDatabase db = DbHelper.getConnection();
final ORole anonymousUserRole =
db.getMetadata()
.getSecurity()
.createRole(DefaultRoles.ANONYMOUS_USER.toString(), ORole.ALLOW_MODES.DENY_ALL_BUT);
anonymousUserRole.save();
final ORole registeredUserRole =
db.getMetadata()
.getSecurity()
.createRole(DefaultRoles.REGISTERED_USER.toString(), ORole.ALLOW_MODES.DENY_ALL_BUT);
registeredUserRole.save();
final ORole backOfficeRole =
db.getMetadata()
.getSecurity()
.createRole(DefaultRoles.BACKOFFICE_USER.toString(), ORole.ALLOW_MODES.DENY_ALL_BUT);
backOfficeRole.save();
registeredUserRole.addRule(ODatabaseSecurityResources.DATABASE, ORole.PERMISSION_READ);
registeredUserRole.addRule(
ODatabaseSecurityResources.SCHEMA,
ORole.PERMISSION_READ + ORole.PERMISSION_CREATE + ORole.PERMISSION_UPDATE);
registeredUserRole.addRule(
ODatabaseSecurityResources.CLUSTER + "." + OMetadata.CLUSTER_INTERNAL_NAME,
ORole.PERMISSION_READ);
registeredUserRole.addRule(
ODatabaseSecurityResources.CLUSTER + ".orole", ORole.PERMISSION_READ);
registeredUserRole.addRule(
ODatabaseSecurityResources.CLUSTER + ".ouser", ORole.PERMISSION_READ);
registeredUserRole.addRule(ODatabaseSecurityResources.ALL_CLASSES, ORole.PERMISSION_ALL);
registeredUserRole.addRule(ODatabaseSecurityResources.ALL_CLUSTERS, ORole.PERMISSION_ALL);
registeredUserRole.addRule(ODatabaseSecurityResources.COMMAND, ORole.PERMISSION_ALL);
registeredUserRole.addRule(ODatabaseSecurityResources.RECORD_HOOK, ORole.PERMISSION_ALL);
backOfficeRole.addRule(ODatabaseSecurityResources.DATABASE, ORole.PERMISSION_READ);
backOfficeRole.addRule(
ODatabaseSecurityResources.SCHEMA,
ORole.PERMISSION_READ + ORole.PERMISSION_CREATE + ORole.PERMISSION_UPDATE);
backOfficeRole.addRule(
ODatabaseSecurityResources.CLUSTER + "." + OMetadata.CLUSTER_INTERNAL_NAME,
ORole.PERMISSION_READ);
backOfficeRole.addRule(ODatabaseSecurityResources.CLUSTER + ".orole", ORole.PERMISSION_READ);
backOfficeRole.addRule(ODatabaseSecurityResources.CLUSTER + ".ouser", ORole.PERMISSION_READ);
backOfficeRole.addRule(ODatabaseSecurityResources.ALL_CLASSES, ORole.PERMISSION_ALL);
backOfficeRole.addRule(ODatabaseSecurityResources.ALL_CLUSTERS, ORole.PERMISSION_ALL);
backOfficeRole.addRule(ODatabaseSecurityResources.COMMAND, ORole.PERMISSION_ALL);
backOfficeRole.addRule(ODatabaseSecurityResources.RECORD_HOOK, ORole.PERMISSION_ALL);
backOfficeRole.addRule(
ODatabaseSecurityResources.BYPASS_RESTRICTED,
ORole.PERMISSION_ALL); // the backoffice users can access and manipulate all records
anonymousUserRole.addRule(ODatabaseSecurityResources.DATABASE, ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.SCHEMA, ORole.PERMISSION_READ);
anonymousUserRole.addRule(
ODatabaseSecurityResources.CLUSTER + "." + OMetadata.CLUSTER_INTERNAL_NAME,
ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.CLUSTER + ".orole", ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.CLUSTER + ".ouser", ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.ALL_CLASSES, ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.ALL_CLUSTERS, 7);
anonymousUserRole.addRule(ODatabaseSecurityResources.COMMAND, ORole.PERMISSION_READ);
anonymousUserRole.addRule(ODatabaseSecurityResources.RECORD_HOOK, ORole.PERMISSION_READ);
anonymousUserRole.save();
registeredUserRole.save();
Logger.trace("Method End");
}
