Пример #1
0
  /** Return the user's secure_hash_key. If one wasn't found create one on the fly. */
  private SecureHashKeyResult getSecureHashKey(UserAccount user, Connection c) throws SQLException {

    PreparedStatement select = null;

    // Create lazily.
    PreparedStatement update = null;

    int userId = user.getUserID();

    boolean justCreated = false;

    byte[] key = null;
    try {
      // TODO:  consider having UserManager returning secure_hash_key.
      // TODO:  We have similar logic in several places for creating secure_hash_key just-in-time.
      // D.R.Y. this out.  Sorry I couldn't resist using this cliche :)

      select = c.prepareStatement("SELECT secure_hash_key FROM dat_user_account WHERE object_id=?");

      select.setInt(1, userId);
      ResultSet rs = select.executeQuery();
      if (!rs.next()) {
        LogMessageGen lmg = new LogMessageGen();
        lmg.setSubject("dat_user_account row not found");
        lmg.param(LoggingConsts.USER_ID, userId);
        // possible that the user simply disappeared by the time we got here.
        m_logCategory.warn(lmg.toString());
      } else {
        key = rs.getBytes(1);
        if (key == null || key.length == 0) {
          // hash key not found; create one on the fly.
          update =
              c.prepareStatement("UPDATE dat_user_account SET secure_hash_key=? WHERE object_id=?");
          key = createNewRandomKey();
          update.setBytes(1, key);
          update.setInt(2, userId);
          int ct = update.executeUpdate();
          if (ct != 1) {
            LogMessageGen lmg = new LogMessageGen();
            lmg.setSubject("Unable to update dat_user_account.secure_hash_key");
            lmg.param(LoggingConsts.USER_ID, userId);
            m_logCategory.error(lmg.toString());
          } else {
            justCreated = true;
          }
        } // needed to set key.
      } // user found
    } finally {
      DbUtils.safeClose(select);
      DbUtils.safeClose(update);
    }
    return new SecureHashKeyResult(key, justCreated);
  }
  @Override
  public Operation getOperation(int operationId) throws OperationManagementDAOException {
    PreparedStatement stmt = null;
    ResultSet rs = null;
    PolicyOperation policyOperation = null;

    ByteArrayInputStream bais;
    ObjectInputStream ois;
    try {
      Connection conn = OperationManagementDAOFactory.getConnection();
      String sql =
          "SELECT OPERATION_ID, ENABLED, OPERATION_DETAILS FROM DM_POLICY_OPERATION WHERE OPERATION_ID=?";
      stmt = conn.prepareStatement(sql);
      stmt.setInt(1, operationId);
      rs = stmt.executeQuery();

      if (rs.next()) {
        byte[] operationDetails = rs.getBytes("OPERATION_DETAILS");
        bais = new ByteArrayInputStream(operationDetails);
        ois = new ObjectInputStream(bais);
        policyOperation = (PolicyOperation) ois.readObject();
      }
    } catch (IOException e) {
      throw new OperationManagementDAOException(
          "IO Error occurred while de serialize the policy operation " + "object", e);
    } catch (ClassNotFoundException e) {
      throw new OperationManagementDAOException(
          "Class not found error occurred while de serialize the " + "policy operation object", e);
    } catch (SQLException e) {
      throw new OperationManagementDAOException(
          "SQL Error occurred while retrieving the policy operation "
              + "object available for the id '"
              + operationId
              + "'",
          e);
    } finally {
      OperationManagementDAOUtil.cleanupResources(stmt, rs);
    }
    return policyOperation;
  }
Пример #3
0
  public void setKeyCreatingIfNeeded(
      List<? extends IClientInfo> clients,
      List<IClientInfo> clientsNeedingSignalUpdate,
      Connection c)
      throws SQLException {

    PreparedStatement select = null;

    // Create lazily.
    PreparedStatement update = null;

    try {

      select = c.prepareStatement("SELECT secure_hash_key FROM dat_user_account WHERE object_id=?");

      for (IClientInfo client : clients) {
        int userId = client.getUserId();
        // ensure dat_user_account.secure_hash_key is filled.
        select.setInt(1, userId);
        ResultSet rs = select.executeQuery();
        if (!rs.next()) {
          LogMessageGen lmg = new LogMessageGen();
          lmg.setSubject("dat_user_account row not found");
          lmg.param(LoggingConsts.USER_ID, userId);
          // possible that the user simply disappeared by the time we got here.
          m_logCategory.warn(lmg.toString());
          continue;
        }
        boolean firstTimeCreate = false;
        byte[] key = rs.getBytes(1);
        if (key == null || key.length == 0) {
          if (update == null) {
            update =
                c.prepareStatement(
                    "UPDATE dat_user_account SET secure_hash_key=? WHERE object_id=?");
          }
          key = createNewRandomKey();
          update.setBytes(1, key);
          update.setInt(2, userId);
          int ct = update.executeUpdate();
          if (ct != 1) {
            LogMessageGen lmg = new LogMessageGen();
            lmg.setSubject("Unable to update dat_user_account.secure_hash_key");
            lmg.param(LoggingConsts.USER_ID, userId);
            m_logCategory.error(lmg.toString());
            continue;
          } else {
            firstTimeCreate = true;
          }
        } // no existing key.
        client.getHashSupport().setHashKey(key);
        if (firstTimeCreate) {
          if (clientsNeedingSignalUpdate != null) {
            // EMSDEV-7854.  Don't actually do
            // updateSignalFiles(client) right here; we want to avoid nfs usage in the middle of a
            // db
            // transaction.
            clientsNeedingSignalUpdate.add(client);
          }
        }
      } // each client.
    } finally {
      DbUtils.safeClose(select);
      DbUtils.safeClose(update);
    }
  }
Пример #4
0
  /** Writes user state information to the shared filesystem */
  private void updateStateCache(
      Customer customer, int transitionId, CustomerState newState, Connection c)
      throws SQLException {
    PreparedStatement pst = null;
    ResultSet rs = null;

    try {
      pst =
          c.prepareStatement(
              "SELECT u.secure_hash_key, u.object_id, u.user_state, u.is_deleted, u.last_activation_id "
                  + "FROM dat_user_account u, dat_transition_users tr "
                  + "WHERE u.object_id = tr.user_id AND u.customer_id=? "
                  + "AND tr.transition_id=?;");

      // The state files are used by Outlook, BB, and maybe future clients.
      pst.setInt(1, customer.getCustID());
      pst.setInt(2, transitionId);
      rs = pst.executeQuery();
      while (rs.next()) {
        int i = 0;
        byte[] key = rs.getBytes(++i);
        int userId = rs.getInt(++i);
        CustomerState state = CustomerState.fromInt(rs.getInt(++i));
        int isDeletedInt = rs.getInt(++i);
        int lastActivationId = rs.getInt(++i);

        // If the user is marked deleted but has a key, we'll try cleaning
        // up state files.
        boolean isDeleted = isDeletedInt != IUserManager.USER_NOT_DELETED;
        if (key == null || key.length == 0) {
          LogMessageGen lmg = new LogMessageGen();
          lmg.setSubject("dat_user_account.secure_hash_key not set");
          lmg.param(LoggingConsts.USER_ID, userId);
          m_logCategory.info(lmg.toString());

          // Without a key, we can't determine the signal filenames
          // so no cleanup is possible.
          continue;
        }

        ClientHashSupport hash = null;
        hash = new ClientHashSupport();
        hash.setCustomerId(customer.getCustID());
        hash.setUserId(userId);
        hash.setHashKey(key);
        hash.setLastActivationId(lastActivationId);

        if (m_logCategory.isInfoEnabled()) {
          LogMessageGen lmg = new LogMessageGen();
          lmg.setSubject("Updating signal files");
          lmg.param(LoggingConsts.USER_ID, userId);
          m_logCategory.info(lmg.toString());
        }
        // wrt EMSDEV-7854 nfs calls and database transactions.
        // Above is only doing a select; no locks are taken and this
        // method is private.
        updateSignalFiles(hash, state, isDeleted);
      } // each row.
    } finally {
      DbUtils.safeClose(rs);
      DbUtils.safeClose(pst);
    }
  }
  @Override
  public List<? extends Operation> getOperationsByDeviceAndStatus(
      int enrolmentId, Operation.Status status) throws OperationManagementDAOException {
    PreparedStatement stmt = null;
    ResultSet rs = null;
    PolicyOperation policyOperation;
    List<Operation> operations = new ArrayList<>();

    ByteArrayInputStream bais = null;
    ObjectInputStream ois = null;
    try {
      Connection conn = OperationManagementDAOFactory.getConnection();
      String sql =
          "SELECT po.OPERATION_ID, ENABLED, OPERATION_DETAILS FROM DM_POLICY_OPERATION po "
              + "INNER JOIN (SELECT * FROM DM_ENROLMENT_OPERATION_MAPPING WHERE ENROLMENT_ID = ? "
              + "AND STATUS = ?) dm ON dm.OPERATION_ID = po.OPERATION_ID";

      stmt = conn.prepareStatement(sql);
      stmt.setInt(1, enrolmentId);
      stmt.setString(2, status.toString());
      rs = stmt.executeQuery();

      while (rs.next()) {
        byte[] operationDetails = rs.getBytes("OPERATION_DETAILS");
        bais = new ByteArrayInputStream(operationDetails);
        ois = new ObjectInputStream(bais);
        policyOperation = (PolicyOperation) ois.readObject();
        policyOperation.setStatus(status);
        operations.add(policyOperation);
      }
    } catch (IOException e) {
      throw new OperationManagementDAOException(
          "IO Error occurred while de serialize the profile " + "operation object", e);
    } catch (ClassNotFoundException e) {
      throw new OperationManagementDAOException(
          "Class not found error occurred while de serialize the " + "profile operation object", e);
    } catch (SQLException e) {
      throw new OperationManagementDAOException(
          "SQL error occurred while retrieving the operation "
              + "available for the device'"
              + enrolmentId
              + "' with status '"
              + status.toString(),
          e);
    } finally {
      if (bais != null) {
        try {
          bais.close();
        } catch (IOException e) {
          log.warn("Error occurred while closing ByteArrayOutputStream", e);
        }
      }
      if (ois != null) {
        try {
          ois.close();
        } catch (IOException e) {
          log.warn("Error occurred while closing ObjectOutputStream", e);
        }
      }
      OperationManagementDAOUtil.cleanupResources(stmt, rs);
    }
    return operations;
  }