public class BasicLookupStrategy extends java.lang.Object implements LookupStrategy
NB: This implementation does attempt to provide reasonably optimised lookups - within
the constraints of a normalised database and standard ANSI SQL features. If you are
willing to sacrifice either of these constraints (e.g. use a particular database
feature such as hierarchical queries or materalized views, or reduce normalisation) you
are likely to achieve better performance. In such situations you will need to provide
your own custom LookupStrategy
. This class does not support subclassing,
as it is likely to change in future releases and therefore subclassing is unsupported.
There are two SQL queries executed, one in the lookupPrimaryKeys method and one in lookupObjectIdentities. These are built from the same select and "order by" clause, using a different where clause in each case. In order to use custom schema or column names, each of these SQL clauses can be customized, but they must be consistent with each other and with the expected result set generated by the the default values.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE |
static java.lang.String |
DEFAULT_ORDER_BY_CLAUSE |
static java.lang.String |
DEFAULT_SELECT_CLAUSE |
Constructor and Description |
---|
BasicLookupStrategy(javax.sql.DataSource dataSource,
AclCache aclCache,
AclAuthorizationStrategy aclAuthorizationStrategy,
AuditLogger auditLogger)
Constructor accepting mandatory arguments
|
BasicLookupStrategy(javax.sql.DataSource dataSource,
AclCache aclCache,
AclAuthorizationStrategy aclAuthorizationStrategy,
PermissionGrantingStrategy grantingStrategy)
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
protected Sid |
createSid(boolean isPrincipal,
java.lang.String sid)
Creates a particular implementation of
Sid depending on the arguments. |
java.util.Map<ObjectIdentity,Acl> |
readAclsById(java.util.List<ObjectIdentity> objects,
java.util.List<Sid> sids)
The main method.
|
void |
setAclClassIdSupported(boolean aclClassIdSupported) |
void |
setAclClassIdUtils(org.springframework.security.acls.jdbc.AclClassIdUtils aclClassIdUtils) |
void |
setBatchSize(int batchSize) |
void |
setLookupObjectIdentitiesWhereClause(java.lang.String lookupObjectIdentitiesWhereClause)
The SQL for the where clause used in the lookupObjectIdentities method.
|
void |
setLookupPrimaryKeysWhereClause(java.lang.String lookupPrimaryKeysWhereClause)
The SQL for the where clause used in the lookupPrimaryKey method.
|
void |
setOrderByClause(java.lang.String orderByClause)
The SQL for the "order by" clause used in both queries.
|
void |
setPermissionFactory(PermissionFactory permissionFactory)
Sets the
PermissionFactory instance which will be used to convert loaded
permission data values to Permission s. |
void |
setSelectClause(java.lang.String selectClause)
The SQL for the select clause.
|
public static final java.lang.String DEFAULT_SELECT_CLAUSE
public static final java.lang.String DEFAULT_ACL_CLASS_ID_SELECT_CLAUSE
public static final java.lang.String DEFAULT_ORDER_BY_CLAUSE
public BasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger)
dataSource
- to access the databaseaclCache
- the cache where fully-loaded elements can be storedaclAuthorizationStrategy
- authorization strategy (required)public BasicLookupStrategy(javax.sql.DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, PermissionGrantingStrategy grantingStrategy)
dataSource
- to access the databaseaclCache
- the cache where fully-loaded elements can be storedaclAuthorizationStrategy
- authorization strategy (required)grantingStrategy
- the PermissionGrantingStrategypublic final java.util.Map<ObjectIdentity,Acl> readAclsById(java.util.List<ObjectIdentity> objects, java.util.List<Sid> sids)
WARNING: This implementation completely disregards the "sids" argument! Every item
in the cache is expected to contain all SIDs. If you have serious performance needs
(e.g. a very large number of SIDs per object identity), you'll probably want to
develop a custom LookupStrategy
implementation instead.
The implementation works in batch sizes specified by batchSize
.
readAclsById
in interface LookupStrategy
objects
- the identities to lookup (required)sids
- the SIDs for which identities are required (ignored by this
implementation)ObjectIdentity
of the
located Acl
and values are the located Acl
(never null
although some entries may be missing; this method should not throw
NotFoundException
, as a chain of LookupStrategy
s may be used to
automatically create entries if required)protected Sid createSid(boolean isPrincipal, java.lang.String sid)
Sid
depending on the arguments.sid
- the name of the sid representing its unique identifier. In typical ACL
database schema it's located in table acl_sid
table, sid
column.isPrincipal
- whether it's a user or granted authority like rolesidName
as an identifierpublic final void setPermissionFactory(PermissionFactory permissionFactory)
PermissionFactory
instance which will be used to convert loaded
permission data values to Permission
s. A DefaultPermissionFactory
will be used by default.permissionFactory
- public final void setBatchSize(int batchSize)
public final void setSelectClause(java.lang.String selectClause)
selectClause
- the select clause, which defaults to
DEFAULT_SELECT_CLAUSE
.public final void setLookupPrimaryKeysWhereClause(java.lang.String lookupPrimaryKeysWhereClause)
public final void setLookupObjectIdentitiesWhereClause(java.lang.String lookupObjectIdentitiesWhereClause)
public final void setOrderByClause(java.lang.String orderByClause)
public final void setAclClassIdSupported(boolean aclClassIdSupported)
public final void setAclClassIdUtils(org.springframework.security.acls.jdbc.AclClassIdUtils aclClassIdUtils)