diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2015-06-10 15:45:55 +1200 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2015-06-10 15:45:55 +1200 |
commit | ee087f587a96700d91e407d434e94d1616c18368 (patch) | |
tree | fc9642ed3159dd16ebd1c5448233b251b091921c /src | |
parent | ee4c07115d3bc3e58b92310f54bee7bd616ec669 (diff) | |
parent | 96a2d024658746f50628727f7255c4e19ecdb1b4 (diff) | |
download | trackermap-server-ee087f587a96700d91e407d434e94d1616c18368.tar.gz trackermap-server-ee087f587a96700d91e407d434e94d1616c18368.tar.bz2 trackermap-server-ee087f587a96700d91e407d434e94d1616c18368.zip |
Merge pull request #1240 from demianalonso/master
Move SQL queries to the config file
Diffstat (limited to 'src')
-rw-r--r-- | src/org/traccar/database/DataManager.java | 69 | ||||
-rw-r--r-- | src/org/traccar/database/QueryBuilder.java | 22 | ||||
-rw-r--r-- | src/org/traccar/helper/Hashing.java | 20 | ||||
-rw-r--r-- | src/org/traccar/model/User.java | 9 |
4 files changed, 78 insertions, 42 deletions
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java index db863e8f4..9633ada58 100644 --- a/src/org/traccar/database/DataManager.java +++ b/src/org/traccar/database/DataManager.java @@ -15,10 +15,12 @@ */ package org.traccar.database; -import com.mchange.v2.c3p0.ComboPooledDataSource; import java.io.File; +import java.io.UnsupportedEncodingException; import java.net.URL; import java.net.URLClassLoader; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; import java.sql.Connection; import java.sql.Driver; import java.sql.DriverManager; @@ -30,10 +32,13 @@ import java.util.Date; import java.util.HashMap; import java.util.Map; import java.util.Properties; + import javax.naming.InitialContext; import javax.sql.DataSource; + import org.traccar.Context; import org.traccar.helper.DriverDelegate; +import org.traccar.helper.Hashing; import org.traccar.helper.Log; import org.traccar.http.JsonConverter; import org.traccar.model.Device; @@ -42,6 +47,8 @@ import org.traccar.model.Position; import org.traccar.model.Server; import org.traccar.model.User; +import com.mchange.v2.c3p0.ComboPooledDataSource; + public class DataManager { private static final long DEFAULT_REFRESH_DELAY = 300; @@ -167,15 +174,13 @@ public class DataManager { Server server = new Server(); server.setRegistration(true); - QueryBuilder.create(dataSource, - "INSERT INTO server (registration, latitude, longitude, zoom)" + - "VALUES (:registration, :latitude, :longitude, :zoom);") + QueryBuilder.create(dataSource, properties.getProperty("database.insertServer")) .setObject(server) .executeUpdate(); mockData(admin.getId()); } - + private void mockData(long userId) { if (Boolean.valueOf(Context.getProps().getProperty("database.mock"))) { try { @@ -213,46 +218,43 @@ public class DataManager { } public User login(String email, String password) throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT * FROM user WHERE email = :email AND " + - "password = CAST(HASH('SHA256', STRINGTOUTF8(:password), 1000) AS VARCHAR);") + return QueryBuilder.create(dataSource, properties.getProperty("database.loginUser")) .setString("email", email) - .setString("password", password) + .setBytes("password", Hashing.sha256(password)) .executeQuerySingle(new User()); } public Collection<User> getUsers() throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT * FROM user;") + return QueryBuilder.create(dataSource, properties.getProperty("database.selectUsersAll")) .executeQuery(new User()); } public void addUser(User user) throws SQLException { - user.setId(QueryBuilder.create(dataSource, - "INSERT INTO user (name, email, password, admin) " + - "VALUES (:name, :email, CAST(HASH('SHA256', STRINGTOUTF8(:password), 1000) AS VARCHAR), :admin);") + user.setId(QueryBuilder.create(dataSource, properties.getProperty("database.insertUser")) .setObject(user) .executeUpdate()); } public void updateUser(User user) throws SQLException { - QueryBuilder.create(dataSource, - "UPDATE user SET name = :name, email = :email, admin = :admin," + - "password = CASEWHEN((SELECT password FROM user WHERE id = :id) = :password, :password, CAST(HASH('SHA256', STRINGTOUTF8(:password), 1000) AS VARCHAR)) WHERE id = :id;") + QueryBuilder.create(dataSource, properties.getProperty("database.updateUser")) .setObject(user) .executeUpdate(); + + if(user.getPassword() != null) { + QueryBuilder.create(dataSource, properties.getProperty("database.updateUserPassword")) + .setObject(user) + .executeUpdate(); + } } public void removeUser(User user) throws SQLException { - QueryBuilder.create(dataSource, - "DELETE FROM user WHERE id = :id;") + QueryBuilder.create(dataSource, properties.getProperty("database.deleteUser")) .setObject(user) .executeUpdate(); } public Collection<Permission> getPermissions() throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT userId, deviceId FROM user_device;") + return QueryBuilder.create(dataSource, properties.getProperty("database.getPermissions")) .executeQuery(new Permission()); } @@ -262,45 +264,38 @@ public class DataManager { } public Collection<Device> getDevices(long userId) throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT * FROM device WHERE id IN (" + - "SELECT deviceId FROM user_device WHERE userId = :userId);") + return QueryBuilder.create(dataSource, properties.getProperty("database.selectDevices")) .setLong("userId", userId) .executeQuery(new Device()); } public void addDevice(Device device) throws SQLException { - device.setId(QueryBuilder.create(dataSource, - "INSERT INTO device (name, uniqueId) VALUES (:name, :uniqueId);") + device.setId(QueryBuilder.create(dataSource, properties.getProperty("database.insertDevice")) .setObject(device) .executeUpdate()); } public void updateDevice(Device device) throws SQLException { - QueryBuilder.create(dataSource, - "UPDATE device SET name = :name, uniqueId = :uniqueId WHERE id = :id;") + QueryBuilder.create(dataSource, properties.getProperty("database.updateDevice")) .setObject(device) .executeUpdate(); } public void removeDevice(Device device) throws SQLException { - QueryBuilder.create(dataSource, - "DELETE FROM device WHERE id = :id;") + QueryBuilder.create(dataSource, properties.getProperty("database.removeDevice")) .setObject(device) .executeUpdate(); } public void linkDevice(long userId, long deviceId) throws SQLException { - QueryBuilder.create(dataSource, - "INSERT INTO user_device (userId, deviceId) VALUES (:userId, :deviceId);") + QueryBuilder.create(dataSource, properties.getProperty("database.linkDevice")) .setLong("userId", userId) .setLong("deviceId", deviceId) .executeUpdate(); } public Collection<Position> getPositions(long userId, long deviceId, Date from, Date to) throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT * FROM position WHERE deviceId = :deviceId AND fixTime BETWEEN :from AND :to;") + return QueryBuilder.create(dataSource, properties.getProperty("database.selectPositions")) .setLong("deviceId", deviceId) .setDate("from", from) .setDate("to", to) @@ -318,14 +313,12 @@ public class DataManager { } public Server getServer() throws SQLException { - return QueryBuilder.create(dataSource, - "SELECT * FROM server;") + return QueryBuilder.create(dataSource, properties.getProperty("database.selectServer")) .executeQuerySingle(new Server()); } public void updateServer(Server server) throws SQLException { - QueryBuilder.create(dataSource, - "UPDATE server SET registration = :registration WHERE id = :id;") + QueryBuilder.create(dataSource, properties.getProperty("database.updateServer")) .setObject(server) .executeUpdate(); } diff --git a/src/org/traccar/database/QueryBuilder.java b/src/org/traccar/database/QueryBuilder.java index ff26221de..05ec3e35c 100644 --- a/src/org/traccar/database/QueryBuilder.java +++ b/src/org/traccar/database/QueryBuilder.java @@ -15,6 +15,7 @@ */ package org.traccar.database; +import java.lang.reflect.Array; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.sql.Connection; @@ -31,7 +32,9 @@ import java.util.HashMap; import java.util.LinkedList; import java.util.List; import java.util.Map; + import javax.sql.DataSource; + import org.traccar.model.Factory; public class QueryBuilder { @@ -211,6 +214,23 @@ public class QueryBuilder { return this; } + public QueryBuilder setBytes(String name, byte[] value) throws SQLException { + for (int i : indexes(name)) { + try { + if (value == null) { + statement.setNull(i, Types.VARCHAR); + } else { + statement.setBytes(i, value); + } + } catch (SQLException error) { + statement.close(); + connection.close(); + throw error; + } + } + return this; + } + public QueryBuilder setObject(Object object) throws SQLException { Method[] methods = object.getClass().getMethods(); @@ -231,6 +251,8 @@ public class QueryBuilder { setString(name, (String) method.invoke(object)); } else if (method.getReturnType().equals(Date.class)) { setDate(name, (Date) method.invoke(object)); + } else if (method.getReturnType().equals(byte[].class)) { + setBytes(name, (byte[]) method.invoke(object)); } } catch (IllegalAccessException error) { } catch (InvocationTargetException error) { diff --git a/src/org/traccar/helper/Hashing.java b/src/org/traccar/helper/Hashing.java new file mode 100644 index 000000000..7e7579ede --- /dev/null +++ b/src/org/traccar/helper/Hashing.java @@ -0,0 +1,20 @@ +package org.traccar.helper; + +import java.nio.charset.StandardCharsets; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +public class Hashing { + + public static byte[] sha256(String text) { + try { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + md.update(text.getBytes(StandardCharsets.UTF_8)); + + return md.digest(); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e); + } + } + +} diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java index 2df5f276d..410bc4d74 100644 --- a/src/org/traccar/model/User.java +++ b/src/org/traccar/model/User.java @@ -15,6 +15,8 @@ */ package org.traccar.model; +import org.traccar.helper.Hashing; + public class User implements Factory { @Override @@ -34,9 +36,9 @@ public class User implements Factory { public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } - private String password; - public String getPassword() { return password; } - public void setPassword(String password) { this.password = password; } + private byte[] password; + public byte[] getPassword() { return password; } + public void setPassword(String password) { this.password = Hashing.sha256(password); } private boolean readonly; @@ -57,5 +59,4 @@ public class User implements Factory { private double longitude; private int zoom; - } |