extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserPermissionMapper.xml - guacamole-client - Git at Google

 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
     "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >

 <!--
     Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information
     regarding copyright ownership.  The ASF licenses this file
     to you under the Apache License, Version 2.0 (the
     "License"); you may not use this file except in compliance
     with the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

     Unless required by applicable law or agreed to in writing,
     software distributed under the License is distributed on an
     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     KIND, either express or implied.  See the License for the
     specific language governing permissions and limitations
     under the License.
 -->

 <mapper namespace="org.apache.guacamole.auth.jdbc.permission.UserPermissionMapper" >

     <!-- Result mapper for user permissions -->
     <resultMap id="UserPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
         <result column="entity_id"         property="entityID"         jdbcType="INTEGER"/>
         <result column="permission"        property="type"             jdbcType="VARCHAR"
                 javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
         <result column="affected_name"     property="objectIdentifier" jdbcType="INTEGER"/>
     </resultMap>

     <!-- Select all permissions for a given entity -->
     <select id="select" resultMap="UserPermissionResultMap">

         SELECT DISTINCT
             #{entity.entityID,jdbcType=INTEGER} AS entity_id,
             permission,
             affected_entity.name AS affected_name
         FROM [guacamole_user_permission]
         JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
                 <property name="column"   value="[guacamole_user_permission].entity_id"/>
                 <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
                 <property name="groups"   value="effectiveGroups"/>
             </include>
             AND affected_entity.type = 'USER'

     </select>

     <!-- Select the single permission matching the given criteria -->
     <select id="selectOne" resultMap="UserPermissionResultMap">

         SELECT DISTINCT
             #{entity.entityID,jdbcType=INTEGER} AS entity_id,
             permission,
             affected_entity.name AS affected_name
         FROM [guacamole_user_permission]
         JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
                 <property name="column"   value="[guacamole_user_permission].entity_id"/>
                 <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
                 <property name="groups"   value="effectiveGroups"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
             AND affected_entity.type = 'USER'

     </select>

     <!-- Select identifiers accessible by the given entity for the given permissions -->
     <select id="selectAccessibleIdentifiers" resultType="string">

         SELECT DISTINCT affected_entity.name
         FROM [guacamole_user_permission]
         JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
                 <property name="column"   value="[guacamole_user_permission].entity_id"/>
                 <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
                 <property name="groups"   value="effectiveGroups"/>
             </include>
             AND affected_entity.name IN
                 <foreach collection="identifiers" item="identifier"
                          open="(" separator="," close=")">
                     #{identifier,jdbcType=VARCHAR}
                 </foreach>
             AND permission IN
                 <foreach collection="permissions" item="permission"
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}
                 </foreach>
             AND affected_entity.type = 'USER'

     </select>

     <!-- Delete all given permissions -->
     <delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">

         DELETE [guacamole_user_permission]
         FROM [guacamole_user_permission]
         JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <foreach collection="permissions" item="permission"
                      open="(" separator=" OR " close=")">
                 ([guacamole_user_permission].entity_id = #{permission.entityID,jdbcType=INTEGER} AND
                  permission = #{permission.type,jdbcType=VARCHAR} AND
                  affected_entity.name = #{permission.objectIdentifier,jdbcType=VARCHAR} AND
                  affected_entity.type = 'USER')
             </foreach>

     </delete>

     <!-- Insert all given permissions -->
     <insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">

         INSERT INTO [guacamole_user_permission] (
             entity_id,
             permission,
             affected_user_id
         )
         SELECT DISTINCT
             permissions.entity_id,
             permissions.permission,
             affected_user.user_id
         FROM
             <foreach collection="permissions" item="permission"
                      open="(" separator="UNION ALL" close=")">
                 SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
                        #{permission.type,jdbcType=VARCHAR} AS permission,
                        #{permission.objectIdentifier,jdbcType=INTEGER} AS affected_name
             </foreach>
         AS permissions
         JOIN [guacamole_entity] affected_entity ON
                 affected_entity.name = permissions.affected_name
             AND affected_entity.type = 'USER'
         JOIN [guacamole_user] affected_user ON affected_user.entity_id = affected_entity.entity_id
         WHERE NOT EXISTS (SELECT 1 FROM [guacamole_user_permission]
             WHERE [guacamole_user_permission].entity_id = permissions.entity_id
             AND [guacamole_user_permission].permission = permissions.permission
             AND [guacamole_user_permission].affected_user_id = affected_user.user_id
         );

     </insert>

 </mapper>
	<?xml version="1.0" encoding="UTF-8" ?>
	<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
	"http://mybatis.org/dtd/mybatis-3-mapper.dtd" >

	<!--
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.
	-->

	<mapper namespace="org.apache.guacamole.auth.jdbc.permission.UserPermissionMapper" >

	<!-- Result mapper for user permissions -->
	<resultMap id="UserPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
	<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
	<result column="permission" property="type" jdbcType="VARCHAR"
	javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
	<result column="affected_name" property="objectIdentifier" jdbcType="INTEGER"/>
	</resultMap>

	<!-- Select all permissions for a given entity -->
	<select id="select" resultMap="UserPermissionResultMap">

	SELECT DISTINCT
	#{entity.entityID,jdbcType=INTEGER} AS entity_id,
	permission,
	affected_entity.name AS affected_name
	FROM [guacamole_user_permission]
	JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
	JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
	WHERE
	<include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
	<property name="column" value="[guacamole_user_permission].entity_id"/>
	<property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
	<property name="groups" value="effectiveGroups"/>
	</include>
	AND affected_entity.type = 'USER'

	</select>

	<!-- Select the single permission matching the given criteria -->
	<select id="selectOne" resultMap="UserPermissionResultMap">

	SELECT DISTINCT
	#{entity.entityID,jdbcType=INTEGER} AS entity_id,
	permission,
	affected_entity.name AS affected_name
	FROM [guacamole_user_permission]
	JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
	JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
	WHERE
	<include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
	<property name="column" value="[guacamole_user_permission].entity_id"/>
	<property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
	<property name="groups" value="effectiveGroups"/>
	</include>
	AND permission = #{type,jdbcType=VARCHAR}
	AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
	AND affected_entity.type = 'USER'

	</select>

	<!-- Select identifiers accessible by the given entity for the given permissions -->
	<select id="selectAccessibleIdentifiers" resultType="string">

	SELECT DISTINCT affected_entity.name
	FROM [guacamole_user_permission]
	JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
	JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
	WHERE
	<include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
	<property name="column" value="[guacamole_user_permission].entity_id"/>
	<property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
	<property name="groups" value="effectiveGroups"/>
	</include>
	AND affected_entity.name IN
	<foreach collection="identifiers" item="identifier"
	open="(" separator="," close=")">
	#{identifier,jdbcType=VARCHAR}
	</foreach>
	AND permission IN
	<foreach collection="permissions" item="permission"
	open="(" separator="," close=")">
	#{permission,jdbcType=VARCHAR}
	</foreach>
	AND affected_entity.type = 'USER'

	</select>

	<!-- Delete all given permissions -->
	<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">

	DELETE [guacamole_user_permission]
	FROM [guacamole_user_permission]
	JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
	JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
	WHERE
	<foreach collection="permissions" item="permission"
	open="(" separator=" OR " close=")">
	([guacamole_user_permission].entity_id = #{permission.entityID,jdbcType=INTEGER} AND
	permission = #{permission.type,jdbcType=VARCHAR} AND
	affected_entity.name = #{permission.objectIdentifier,jdbcType=VARCHAR} AND
	affected_entity.type = 'USER')
	</foreach>

	</delete>

	<!-- Insert all given permissions -->
	<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">

	INSERT INTO [guacamole_user_permission] (
	entity_id,
	permission,
	affected_user_id
	)
	SELECT DISTINCT
	permissions.entity_id,
	permissions.permission,
	affected_user.user_id
	FROM
	<foreach collection="permissions" item="permission"
	open="(" separator="UNION ALL" close=")">
	SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
	#{permission.type,jdbcType=VARCHAR} AS permission,
	#{permission.objectIdentifier,jdbcType=INTEGER} AS affected_name
	</foreach>
	AS permissions
	JOIN [guacamole_entity] affected_entity ON
	affected_entity.name = permissions.affected_name
	AND affected_entity.type = 'USER'
	JOIN [guacamole_user] affected_user ON affected_user.entity_id = affected_entity.entity_id
	WHERE NOT EXISTS (SELECT 1 FROM [guacamole_user_permission]
	WHERE [guacamole_user_permission].entity_id = permissions.entity_id
	AND [guacamole_user_permission].permission = permissions.permission
	AND [guacamole_user_permission].affected_user_id = affected_user.user_id
	);

	</insert>

	</mapper>