From 74fd5fe8a4ab6135b707fc682404c51596e435eb Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Tue, 16 Dec 2008 18:55:38 +0000
Subject: [PATCH] Finish refactoring JdbcDaoIml to remove MappingSqlQuery
 objects. Updated Javadoc to avoid user confusion.

---
 .../userdetails/jdbc/JdbcDaoImpl.java         | 185 +++++++-----------
 .../userdetails/jdbc/JdbcDaoImplTests.java    |   8 -
 2 files changed, 68 insertions(+), 125 deletions(-)

diff --git a/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java b/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java
index 89b510142a..7d68f6ac66 100644
--- a/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java
+++ b/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java
@@ -15,37 +15,28 @@
 
 package org.springframework.security.userdetails.jdbc;
 
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.springframework.context.ApplicationContextException;
+import org.springframework.context.support.MessageSourceAccessor;
+import org.springframework.dao.DataAccessException;
+import org.springframework.jdbc.core.RowMapper;
+import org.springframework.jdbc.core.support.JdbcDaoSupport;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.SpringSecurityMessageSource;
-
 import org.springframework.security.userdetails.User;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.security.util.AuthorityUtils;
-
-import org.springframework.context.ApplicationContextException;
-import org.springframework.context.support.MessageSourceAccessor;
-
-import org.springframework.dao.DataAccessException;
-
-import org.springframework.jdbc.core.SqlParameter;
-import org.springframework.jdbc.core.support.JdbcDaoSupport;
-import org.springframework.jdbc.object.MappingSqlQuery;
 import org.springframework.util.Assert;
 
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Types;
-
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Set;
-import java.util.HashSet;
-
-import javax.sql.DataSource;
-
 
 /**
  * <tt>UserDetailsServiceRetrieves</tt> implementation which retrieves the user details
@@ -105,26 +96,23 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     //~ Static fields/initializers =====================================================================================
 
     public static final String DEF_USERS_BY_USERNAME_QUERY =
-            "SELECT username,password,enabled " +
-            "FROM users " +
-            "WHERE username = ?";
+            "select username,password,enabled " +
+            "from users " +
+            "where username = ?";
     public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY =
-            "SELECT username,authority " +
-            "FROM authorities " +
-            "WHERE username = ?";
+            "select username,authority " +
+            "from authorities " +
+            "where username = ?";
     public static final String DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY =
-            "SELECT g.id, g.group_name, ga.authority " +
-            "FROM groups g, group_members gm, group_authorities ga " +
-            "WHERE gm.username = ? " +
-            "AND g.id = ga.group_id " +
-            "AND g.id = gm.group_id";
+            "select g.id, g.group_name, ga.authority " +
+            "from groups g, group_members gm, group_authorities ga " +
+            "where gm.username = ? " +
+            "and g.id = ga.group_id " +
+            "and g.id = gm.group_id";
 
     //~ Instance fields ================================================================================================
 
     protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
-    private MappingSqlQuery authoritiesByUsernameMapping;
-    private MappingSqlQuery groupAuthoritiesByUsernameMapping;
-    private MappingSqlQuery usersByUsernameMapping;
 
     private String authoritiesByUsernameQuery;
     private String groupAuthoritiesByUsernameQuery;
@@ -145,8 +133,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     //~ Methods ========================================================================================================
 
     /**
-     * Allows subclasses to add their own granted authorities to the list to be returned in the
-     * <code>User</code>.
+     * Allows subclasses to add their own granted authorities to the list to be returned in the <tt>UserDetails</tt>.
      *
      * @param username the username, for use by finder methods
      * @param authorities the current granted authorities, as populated from the <code>authoritiesByUsername</code>
@@ -160,16 +147,6 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
 
     protected void initDao() throws ApplicationContextException {
         Assert.isTrue(enableAuthorities || enableGroups, "Use of either authorities or groups must be enabled");
-        initMappingSqlQueries();
-    }
-
-    /**
-     * Extension point to allow other MappingSqlQuery objects to be substituted in a subclass
-     */
-    private void initMappingSqlQueries() {
-        this.usersByUsernameMapping = new UsersByUsernameMapping(getDataSource());
-        this.authoritiesByUsernameMapping = new AuthoritiesByUsernameMapping(getDataSource());
-        this.groupAuthoritiesByUsernameMapping = new GroupAuthoritiesByUsernameMapping(getDataSource());
     }
 
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
@@ -180,7 +157,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
                     messages.getMessage("JdbcDaoImpl.notFound", new Object[]{username}, "Username {0} not found"), username);
         }
 
-        UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[]
+        UserDetails user = users.get(0); // contains no GrantedAuthority[]
 
         Set<GrantedAuthority> dbAuthsSet = new HashSet<GrantedAuthority>();
 
@@ -206,24 +183,51 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     }
 
     /**
-     * Executes the <tt>usersByUsernameQuery</tt> and returns a list of UserDetails objects (there should normally
-     * only be one matching user).
+     * Executes the SQL <tt>usersByUsernameQuery</tt> and returns a list of UserDetails objects.
+     * There should normally only be one matching user.
      */
     protected List<UserDetails> loadUsersByUsername(String username) {
-        return usersByUsernameMapping.execute(username);
+        return getJdbcTemplate().query(usersByUsernameQuery, new String[] {username}, new RowMapper() {
+            public Object mapRow(ResultSet rs, int rowNum) throws SQLException {
+                String username = rs.getString(1);
+                String password = rs.getString(2);
+                boolean enabled = rs.getBoolean(3);
+                return new User(username, password, enabled, true, true, true, AuthorityUtils.NO_AUTHORITIES);
+            }
+
+        });
     }
 
     /**
-     * Loads authorities by executing the authoritiesByUsernameQuery.
+     * Loads authorities by executing the SQL from <tt>authoritiesByUsernameQuery</tt>.
      *
      * @return a list of GrantedAuthority objects for the user
      */
     protected List<GrantedAuthority> loadUserAuthorities(String username) {
-        return authoritiesByUsernameMapping.execute(username);
+        return getJdbcTemplate().query(authoritiesByUsernameQuery, new String[] {username}, new RowMapper() {
+            public Object mapRow(ResultSet rs, int rowNum) throws SQLException {
+                String roleName = rolePrefix + rs.getString(2);
+                GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
+
+                 return authority;
+            }
+        });
     }
 
+    /**
+     * Loads authorities by executing the SQL from <tt>groupAuthoritiesByUsernameQuery</tt>.
+     *
+     * @return a list of GrantedAuthority objects for the user
+     */
     protected List<GrantedAuthority> loadGroupAuthorities(String username) {
-        return groupAuthoritiesByUsernameMapping.execute(username);
+        return getJdbcTemplate().query(groupAuthoritiesByUsernameQuery, new String[] {username}, new RowMapper() {
+            public Object mapRow(ResultSet rs, int rowNum) throws SQLException {
+                 String roleName = getRolePrefix() + rs.getString(3);
+                 GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
+
+                 return authority;
+            }
+        });
     }
 
     /**
@@ -247,12 +251,12 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     }
 
     /**
-     * Allows the default query string used to retrieve authorities based on username to be overriden, if
+     * Allows the default query string used to retrieve authorities based on username to be overridden, if
      * default table or column names need to be changed. The default query is {@link
      * #DEF_AUTHORITIES_BY_USERNAME_QUERY}; when modifying this query, ensure that all returned columns are mapped
      * back to the same column names as in the default query.
      *
-     * @param queryString The query string to set
+     * @param queryString The SQL query string to set
      */
     public void setAuthoritiesByUsernameQuery(String queryString) {
         authoritiesByUsernameQuery = queryString;
@@ -263,12 +267,12 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     }
 
     /**
-     * Allows the default query string used to retrieve group authorities based on username to be overriden, if
+     * Allows the default query string used to retrieve group authorities based on username to be overridden, if
      * default table or column names need to be changed. The default query is {@link
      * #DEF_GROUP_AUTHORITIES_BY_USERNAME_QUERY}; when modifying this query, ensure that all returned columns are mapped
      * back to the same column names as in the default query.
      *
-     * @param queryString The query string to set
+     * @param queryString The SQL query string to set
      */
     public void setGroupAuthoritiesByUsernameQuery(String queryString) {
         groupAuthoritiesByUsernameQuery = queryString;
@@ -309,12 +313,14 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     }
 
     /**
-     * Allows the default query string used to retrieve users based on username to be overriden, if default
+     * Allows the default query string used to retrieve users based on username to be overridden, if default
      * table or column names need to be changed. The default query is {@link #DEF_USERS_BY_USERNAME_QUERY}; when
      * modifying this query, ensure that all returned columns are mapped back to the same column names as in the
-     * default query. If the 'enabled' column does not exist in the source db, a permanent true value for this column
-     * may be returned by using a query similar to <br><pre>
-     * "SELECT username,password,'true' as enabled FROM users WHERE username = ?"</pre>
+     * default query. If the 'enabled' column does not exist in the source database, a permanent true value for this
+     * column may be returned by using a query similar to
+     * <pre>
+     * "select username,password,'true' as enabled from users where username = ?"
+     * </pre>
      *
      * @param usersByUsernameQueryString The query string to set
      */
@@ -344,59 +350,4 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     public void setEnableGroups(boolean enableGroups) {
         this.enableGroups = enableGroups;
     }
-
-    //~ Inner Classes ==================================================================================================
-
-    /**
-     * Query object to look up a user's authorities.
-     */
-    private class AuthoritiesByUsernameMapping extends MappingSqlQuery {
-        protected AuthoritiesByUsernameMapping(DataSource ds) {
-            super(ds, authoritiesByUsernameQuery);
-            declareParameter(new SqlParameter(Types.VARCHAR));
-            compile();
-        }
-
-        protected Object mapRow(ResultSet rs, int rownum) throws SQLException {
-            String roleName = rolePrefix + rs.getString(2);
-            GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
-
-            return authority;
-        }
-    }
-
-    private class GroupAuthoritiesByUsernameMapping extends MappingSqlQuery {
-        protected GroupAuthoritiesByUsernameMapping(DataSource ds) {
-            super(ds, groupAuthoritiesByUsernameQuery);
-            declareParameter(new SqlParameter(Types.VARCHAR));
-            compile();
-        }
-
-        protected Object mapRow(ResultSet rs, int rownum) throws SQLException {
-            String roleName = rolePrefix + rs.getString(3);
-            GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
-
-            return authority;
-        }
-    }
-
-    /**
-     * Query object to look up a user.
-     */
-    private class UsersByUsernameMapping extends MappingSqlQuery {
-        protected UsersByUsernameMapping(DataSource ds) {
-            super(ds, usersByUsernameQuery);
-            declareParameter(new SqlParameter(Types.VARCHAR));
-            compile();
-        }
-
-        protected Object mapRow(ResultSet rs, int rownum) throws SQLException {
-            String username = rs.getString(1);
-            String password = rs.getString(2);
-            boolean enabled = rs.getBoolean(3);
-            UserDetails user = new User(username, password, enabled, true, true, true, AuthorityUtils.NO_AUTHORITIES);
-
-            return user;
-        }
-    }
 }
diff --git a/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcDaoImplTests.java b/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcDaoImplTests.java
index 0b94726265..938c522f5c 100644
--- a/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcDaoImplTests.java
+++ b/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcDaoImplTests.java
@@ -37,14 +37,6 @@ import java.util.HashSet;
  * @version $Id$
  */
 public class JdbcDaoImplTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public JdbcDaoImplTests() {
-    }
-
-    public JdbcDaoImplTests(String arg0) {
-        super(arg0);
-    }
 
     //~ Methods ========================================================================================================