use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerQueryExecutor method getCaHasUsersForCa.
// method getCaHasUsersForUser
/**
 * Returns the user associations stored for the given CA.
 *
 * <p>The CA name is resolved to its database id through {@code idNameMap}; the id is then
 * bound as the single parameter of a prepared statement, so the caller-supplied name never
 * becomes part of the SQL text.
 *
 * @param caName name of the CA to look up.
 * @param idNameMap map used to resolve {@code caName} to a {@link NameId}.
 * @return one entry per row of CA_HAS_USER joined with TUSER for that CA. Each entry carries
 *     a {@link NameId} with a {@code null} id and the user name, the permission value and the
 *     profile set ({@code null} when {@code StringUtil.splitByComma} returns {@code null}).
 * @throws CaMgmtException if the CA name is unknown or the query fails.
 */
List<CaHasUserEntry> getCaHasUsersForCa(String caName, CaIdNameMap idNameMap) throws CaMgmtException {
  final NameId resolvedCa = idNameMap.getCa(caName);
  if (resolvedCa == null) {
    throw new CaMgmtException("unknown CA " + caName);
  }

  final String sql = "SELECT NAME,PERMISSION,PROFILES FROM CA_HAS_USER INNER JOIN TUSER"
      + " ON CA_ID=? AND TUSER.ID=CA_HAS_USER.USER_ID";

  PreparedStatement stmt = null;
  ResultSet rows = null;
  try {
    stmt = prepareStatement(sql);
    stmt.setInt(1, resolvedCa.getId().intValue());
    rows = stmt.executeQuery();

    final List<CaHasUserEntry> entries = new LinkedList<>();
    while (rows.next()) {
      // Columns are read in SELECT order.
      final String userName = rows.getString("NAME");
      final int permissionBits = rows.getInt("PERMISSION");
      final String profilesText = rows.getString("PROFILES");

      final List<String> profileList = StringUtil.splitByComma(profilesText);
      Set<String> profileSet = null;
      if (profileList != null) {
        profileSet = new HashSet<>(profileList);
      }

      // The user's database id is not selected, so the NameId carries the name only.
      final CaHasUserEntry entry = new CaHasUserEntry(new NameId(null, userName));
      entry.setPermission(permissionBits);
      entry.setProfiles(profileSet);
      entries.add(entry);
    }
    return entries;
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    // Statement and result set are released on every path, including failures.
    datasource.releaseResources(stmt, rows);
  }
}
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerQueryExecutor method createCertprofile.
// method createCaAliases
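/**
 * Loads the certificate profile with the given name from the database.
 *
 * <p>The name is bound as a statement parameter of {@code sqls.sqlSelectProfile}; it is not
 * concatenated into the SQL text.
 *
 * @param name name of the certificate profile to load.
 * @return the entry built from the row's ID, TYPE and CONF columns.
 * @throws CaMgmtException if no row exists for {@code name} or the query fails.
 */
CertprofileEntry createCertprofile(String name) throws CaMgmtException {
  PreparedStatement stmt = null;
  ResultSet rs = null;
  final String sql = sqls.sqlSelectProfile;
  try {
    stmt = prepareStatement(sql);
    stmt.setString(1, name);
    rs = stmt.executeQuery();
    if (!rs.next()) {
      // The original message said "unknown CA", which misreports which object is missing
      // and sends an operator reading the error to the wrong table.
      throw new CaMgmtException("unknown Certprofile " + name);
    }

    int id = rs.getInt("ID");
    String type = rs.getString("TYPE");
    String conf = rs.getString("CONF");
    return new CertprofileEntry(new NameId(id, name), type, conf);
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    // Statement and result set are released on every path, including failures.
    datasource.releaseResources(stmt, rs);
  }
}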
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerQueryExecutor method changeScep.
// method changeCrlSigner
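/**
 * Updates the stored SCEP entry {@code name} and returns a {@link ScepImpl} built from the
 * merged (stored + changed) values.
 *
 * <p>Only the non-null arguments are written. Column names in the generated UPDATE come from
 * the fixed literals below; every value is bound as a statement parameter. For
 * {@code control}, the marker {@code CaManager.NULL} makes the merged entry carry a
 * {@code null} control value.
 *
 * @param name name of the SCEP entry to change; must not be blank.
 * @param caIdent new CA, or {@code null} to keep the stored one.
 * @param active new active flag, or {@code null} to keep the stored one.
 * @param responderName new responder name, or {@code null} to keep the stored one.
 * @param certProfiles new profile set, or {@code null} to keep the stored one.
 * @param control new control string, or {@code null} to keep the stored one.
 * @param caManager CA manager supplying the id/name map; must not be null.
 * @param securityFactory not read by this method.
 * @return the SCEP object built from the merged entry.
 * @throws IllegalArgumentException if every changeable argument is {@code null}.
 * @throws CaMgmtException if the merged entry is invalid, the update touches no row, or the
 *     statement fails.
 */
ScepImpl changeScep(String name, NameId caIdent, Boolean active, String responderName, Set<String> certProfiles, String control, CaManagerImpl caManager, final SecurityFactory securityFactory) throws CaMgmtException {
  ParamUtil.requireNonBlank("name", name);
  ParamUtil.requireNonNull("caManager", caManager);

  StringBuilder sqlBuilder = new StringBuilder();
  sqlBuilder.append("UPDATE SCEP SET ");

  AtomicInteger index = new AtomicInteger(1);
  Integer idxCa = addToSqlIfNotNull(sqlBuilder, index, caIdent, "CA_ID");
  Integer idxActive = addToSqlIfNotNull(sqlBuilder, index, active, "ACTIVE");
  Integer idxName = addToSqlIfNotNull(sqlBuilder, index, responderName, "RESPONDER_NAME");
  Integer idxProfiles = addToSqlIfNotNull(sqlBuilder, index, certProfiles, "PROFILES");
  Integer idxControl = addToSqlIfNotNull(sqlBuilder, index, control, "CONTROL");

  // Reject an empty change set before touching the SQL text any further.
  if (index.get() == 1) {
    throw new IllegalArgumentException("nothing to change");
  }

  // Presumably each helper call appends "COLUMN=?," so this drops the trailing comma;
  // confirm against addToSqlIfNotNull.
  sqlBuilder.deleteCharAt(sqlBuilder.length() - 1);
  sqlBuilder.append(" WHERE NAME=?");

  // Merge the requested changes over the stored entry so the result can be validated as a
  // whole before anything is written.
  ScepEntry dbEntry = getScep(name, caManager.idNameMap());

  boolean tmpActive = (active == null) ? dbEntry.isActive() : active;
  String tmpResponderName = (responderName == null) ? dbEntry.getResponderName() : responderName;
  NameId tmpCaIdent = (caIdent == null) ? dbEntry.getCaIdent() : caIdent;
  Set<String> tmpCertProfiles = (certProfiles == null) ? dbEntry.getCertProfiles() : certProfiles;

  String tmpControl;
  if (control == null) {
    tmpControl = dbEntry.getControl();
  } else if (CaManager.NULL.equals(control)) {
    tmpControl = null;
  } else {
    tmpControl = control;
  }

  ScepEntry newDbEntry;
  try {
    newDbEntry = new ScepEntry(name, tmpCaIdent, tmpActive, tmpResponderName, tmpCertProfiles, tmpControl);
  } catch (InvalidConfException ex) {
    throw new CaMgmtException(ex);
  }
  ScepImpl scep = new ScepImpl(newDbEntry, caManager);

  final String sql = sqlBuilder.toString();
  // Summary of the applied changes for the log; every segment ends with "; " so that the
  // final trim removes a separator and never part of a value.
  StringBuilder sb = new StringBuilder();
  PreparedStatement ps = null;
  try {
    ps = prepareStatement(sql);
    if (idxActive != null) {
      setBoolean(ps, idxActive, tmpActive);
      sb.append("active: '").append(tmpActive).append("'; ");
    }

    // The CA parameter is bound and logged once; the original repeated this block after
    // the control block, which duplicated the log field without a separator.
    if (idxCa != null) {
      sb.append("ca: '").append(caIdent).append("'; ");
      ps.setInt(idxCa, caIdent.getId());
    }

    if (idxName != null) {
      String txt = getRealString(tmpResponderName);
      ps.setString(idxName, txt);
      // Label matches the RESPONDER_NAME column (was "responder type").
      sb.append("responder name: '").append(txt).append("'; ");
    }

    if (idxProfiles != null) {
      sb.append("profiles: '").append(certProfiles).append("'; ");
      ps.setString(idxProfiles, StringUtil.collectionAsStringByComma(certProfiles));
    }

    if (idxControl != null) {
      String txt = getRealString(tmpControl);
      // Closing quote and separator were missing, so the trailing trim cut two characters
      // off the logged value.
      sb.append("control: '").append(tmpControl).append("'; ");
      ps.setString(idxControl, txt);
    }

    // The WHERE NAME=? placeholder is the last parameter.
    ps.setString(index.get(), name);
    if (ps.executeUpdate() == 0) {
      throw new CaMgmtException("could not change SCEP " + name);
    }

    final int sbLen = sb.length();
    if (sbLen > 0) {
      sb.delete(sbLen - 2, sbLen);
    }
    LOG.info("changed SCEP: {}", sb);
    return scep;
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(ps, null);
  }
}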
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerQueryExecutor method addUserToCa.
// method removeRequestorFromCa
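/**
 * Associates an existing user with a CA by inserting a row into CA_HAS_USER.
 *
 * <p>The user's database id is looked up by name and written back into
 * {@code user.getUserIdent()}, so the caller's object is modified. All row values are bound
 * as statement parameters.
 *
 * @param user the association to add (user identity, permission, profiles); must not be null.
 * @param ca the CA to attach the user to; must not be null and must carry an id.
 * @throws CaMgmtException if the CA has no id, the user does not exist, the current maximum
 *     ID cannot be read, the insert affects no row, or the statement fails.
 */
void addUserToCa(CaHasUserEntry user, NameId ca) throws CaMgmtException {
  ParamUtil.requireNonNull("user", user);
  ParamUtil.requireNonNull("ca", ca);

  // A NameId may be built with a null id; unboxing it in setInt below would otherwise
  // surface as a NullPointerException instead of a management error.
  if (ca.getId() == null) {
    throw new CaMgmtException("CA " + ca + " has no id");
  }

  final NameId userIdent = user.getUserIdent();
  Integer existingId = getIdForName(sqls.sqlSelectUserId, userIdent.getName());
  if (existingId == null) {
    // Stray space before the closing quote removed from the message.
    throw new CaMgmtException(concat("user '", userIdent.getName(), "' does not exist"));
  }
  userIdent.setId(existingId);

  PreparedStatement ps = null;
  final String sql = "INSERT INTO CA_HAS_USER (ID,CA_ID,USER_ID, PERMISSION,PROFILES)"
      + " VALUES (?,?,?,?,?)";

  // NOTE(review): the new row id is max(ID)+1, read in a separate step from the INSERT.
  // Nothing visible here makes the pair atomic, so two concurrent calls could pick the same
  // id; confirm that callers serialise this or that ID has a unique constraint.
  long maxId;
  try {
    maxId = datasource.getMax(null, "CA_HAS_USER", "ID");
  } catch (DataAccessException ex) {
    throw new CaMgmtException(ex);
  }

  try {
    ps = prepareStatement(sql);
    int idx = 1;
    ps.setLong(idx++, maxId + 1);
    ps.setInt(idx++, ca.getId());
    ps.setInt(idx++, userIdent.getId());
    ps.setInt(idx++, user.getPermission());
    String profilesText = StringUtil.collectionAsStringByComma(user.getProfiles());
    ps.setString(idx++, profilesText);

    if (ps.executeUpdate() == 0) {
      throw new CaMgmtException("could not add user " + userIdent + " to CA " + ca);
    }

    LOG.info("added user '{}' to CA '{}': permission: {}; profile: {}", userIdent, ca, user.getPermission(), profilesText);
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    datasource.releaseResources(ps, null);
  }
}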
use of org.xipki.ca.api.NameId in project xipki by xipki.
the class CaManagerQueryExecutor method createRequestor.
/**
 * Loads the requestor with the given name from the database.
 *
 * <p>The name is bound as the single parameter of {@code sqls.sqlSelectRequestor}.
 *
 * @param name name of the requestor to load.
 * @return the entry built from the row's ID and CERT columns; the CERT value is passed on
 *     as read, without being decoded or checked here.
 * @throws CaMgmtException if no row exists for {@code name} or the query fails.
 */
RequestorEntry createRequestor(String name) throws CaMgmtException {
  final String sql = sqls.sqlSelectRequestor;
  PreparedStatement query = null;
  ResultSet row = null;
  try {
    query = prepareStatement(sql);
    query.setString(1, name);
    row = query.executeQuery();

    final boolean found = row.next();
    if (!found) {
      throw new CaMgmtException("unknown Requestor " + name);
    }

    final int requestorId = row.getInt("ID");
    final String encodedCert = row.getString("CERT");
    final NameId ident = new NameId(requestorId, name);
    return new RequestorEntry(ident, encodedCert);
  } catch (SQLException ex) {
    throw new CaMgmtException(datasource, sql, ex);
  } finally {
    // Statement and result set are released on every path, including failures.
    datasource.releaseResources(query, row);
  }
}