mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-10-31 00:53:21 +00:00
GUACAMOLE-220: Update SQL queries to use guacamole_entity table where applicable.
This commit is contained in:
Michael Jumper
@@ -68,7 +68,7 @@
|
|||||||
SELECT connection_id
|
SELECT connection_id
|
||||||
FROM guacamole_connection_permission
|
FROM guacamole_connection_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -89,7 +89,7 @@
|
|||||||
WHERE
|
WHERE
|
||||||
<if test="parentIdentifier != null">parent_id = #{parentIdentifier,jdbcType=INTEGER}::integer</if>
|
<if test="parentIdentifier != null">parent_id = #{parentIdentifier,jdbcType=INTEGER}::integer</if>
|
||||||
<if test="parentIdentifier == null">parent_id IS NULL</if>
|
<if test="parentIdentifier == null">parent_id IS NULL</if>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -165,7 +165,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND guacamole_connection_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
AND guacamole_connection_permission.entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
GROUP BY guacamole_connection.connection_id;
|
GROUP BY guacamole_connection.connection_id;
|
||||||
|
|
||||||
@@ -177,7 +177,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
@@ -191,7 +191,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|||||||
@@ -79,7 +79,10 @@
|
|||||||
#{record.sharingProfileIdentifier,jdbcType=INTEGER}::integer,
|
#{record.sharingProfileIdentifier,jdbcType=INTEGER}::integer,
|
||||||
#{record.sharingProfileName,jdbcType=VARCHAR},
|
#{record.sharingProfileName,jdbcType=VARCHAR},
|
||||||
(SELECT user_id FROM guacamole_user
|
(SELECT user_id FROM guacamole_user
|
||||||
WHERE username = #{record.username,jdbcType=VARCHAR}),
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type),
|
||||||
#{record.username,jdbcType=VARCHAR},
|
#{record.username,jdbcType=VARCHAR},
|
||||||
#{record.startDate,jdbcType=TIMESTAMP},
|
#{record.startDate,jdbcType=TIMESTAMP},
|
||||||
#{record.endDate,jdbcType=TIMESTAMP}
|
#{record.endDate,jdbcType=TIMESTAMP}
|
||||||
@@ -180,7 +183,10 @@
|
|||||||
guacamole_connection_history.user_id IN (
|
guacamole_connection_history.user_id IN (
|
||||||
SELECT user_id
|
SELECT user_id
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
WHERE POSITION(#{term.term,jdbcType=VARCHAR} IN username) > 0
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
)
|
)
|
||||||
|
|
||||||
OR guacamole_connection_history.connection_id IN (
|
OR guacamole_connection_history.connection_id IN (
|
||||||
|
|||||||
@@ -69,7 +69,7 @@
|
|||||||
SELECT connection_group_id
|
SELECT connection_group_id
|
||||||
FROM guacamole_connection_group_permission
|
FROM guacamole_connection_group_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -90,7 +90,7 @@
|
|||||||
WHERE
|
WHERE
|
||||||
<if test="parentIdentifier != null">parent_id = #{parentIdentifier,jdbcType=INTEGER}::integer</if>
|
<if test="parentIdentifier != null">parent_id = #{parentIdentifier,jdbcType=INTEGER}::integer</if>
|
||||||
<if test="parentIdentifier == null">parent_id IS NULL</if>
|
<if test="parentIdentifier == null">parent_id IS NULL</if>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -161,7 +161,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
SELECT parent_id, guacamole_connection_group.connection_group_id
|
SELECT parent_id, guacamole_connection_group.connection_group_id
|
||||||
@@ -172,7 +172,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
SELECT parent_id, guacamole_connection.connection_id
|
SELECT parent_id, guacamole_connection.connection_id
|
||||||
@@ -183,7 +183,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
@@ -197,7 +197,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|||||||
@@ -25,24 +25,21 @@
|
|||||||
|
|
||||||
<!-- Result mapper for connection permissions -->
|
<!-- Result mapper for connection permissions -->
|
||||||
<resultMap id="ConnectionGroupPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<resultMap id="ConnectionGroupPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
<result column="user_id" property="userID" jdbcType="INTEGER"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="username" jdbcType="VARCHAR"/>
|
|
||||||
<result column="permission" property="type" jdbcType="VARCHAR"
|
<result column="permission" property="type" jdbcType="VARCHAR"
|
||||||
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
||||||
<result column="connection_group_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
<result column="connection_group_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<!-- Select all permissions for a given user -->
|
<!-- Select all permissions for a given entity -->
|
||||||
<select id="select" resultMap="ConnectionGroupPermissionResultMap">
|
<select id="select" resultMap="ConnectionGroupPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_group_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
connection_group_id
|
connection_group_id
|
||||||
FROM guacamole_connection_group_permission
|
FROM guacamole_connection_group_permission
|
||||||
JOIN guacamole_user ON guacamole_connection_group_permission.user_id = guacamole_user.user_id
|
WHERE entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
WHERE guacamole_connection_group_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -50,26 +47,24 @@
|
|||||||
<select id="selectOne" resultMap="ConnectionGroupPermissionResultMap">
|
<select id="selectOne" resultMap="ConnectionGroupPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_group_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
connection_group_id
|
connection_group_id
|
||||||
FROM guacamole_connection_group_permission
|
FROM guacamole_connection_group_permission
|
||||||
JOIN guacamole_user ON guacamole_connection_group_permission.user_id = guacamole_user.user_id
|
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_connection_group_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
||||||
AND connection_group_id = #{identifier,jdbcType=INTEGER}::integer
|
AND connection_group_id = #{identifier,jdbcType=INTEGER}::integer
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Select identifiers accessible by the given user for the given permissions -->
|
<!-- Select identifiers accessible by the given entity for the given permissions -->
|
||||||
<select id="selectAccessibleIdentifiers" resultType="string">
|
<select id="selectAccessibleIdentifiers" resultType="string">
|
||||||
|
|
||||||
SELECT DISTINCT connection_group_id
|
SELECT DISTINCT connection_group_id
|
||||||
FROM guacamole_connection_group_permission
|
FROM guacamole_connection_group_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND connection_group_id IN
|
AND connection_group_id IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
@@ -87,10 +82,10 @@
|
|||||||
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
DELETE FROM guacamole_connection_group_permission
|
DELETE FROM guacamole_connection_group_permission
|
||||||
WHERE (user_id, permission, connection_group_id) IN
|
WHERE (entity_id, permission, connection_group_id) IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
(#{permission.userID,jdbcType=INTEGER},
|
(#{permission.entityID,jdbcType=INTEGER},
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
||||||
</foreach>
|
</foreach>
|
||||||
@@ -101,25 +96,25 @@
|
|||||||
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_connection_group_permission (
|
INSERT INTO guacamole_connection_group_permission (
|
||||||
user_id,
|
entity_id,
|
||||||
permission,
|
permission,
|
||||||
connection_group_id
|
connection_group_id
|
||||||
)
|
)
|
||||||
SELECT DISTINCT
|
SELECT DISTINCT
|
||||||
permissions.user_id,
|
permissions.entity_id,
|
||||||
permissions.permission,
|
permissions.permission,
|
||||||
permissions.connection_group_id
|
permissions.connection_group_id
|
||||||
FROM
|
FROM
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="UNION ALL" close=")">
|
open="(" separator="UNION ALL" close=")">
|
||||||
SELECT #{permission.userID,jdbcType=INTEGER} AS user_id,
|
SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS connection_group_id
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS connection_group_id
|
||||||
</foreach>
|
</foreach>
|
||||||
AS permissions
|
AS permissions
|
||||||
WHERE (user_id, permission, connection_group_id) NOT IN (
|
WHERE (entity_id, permission, connection_group_id) NOT IN (
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_group_permission.user_id,
|
guacamole_connection_group_permission.entity_id,
|
||||||
guacamole_connection_group_permission.permission,
|
guacamole_connection_group_permission.permission,
|
||||||
guacamole_connection_group_permission.connection_group_id
|
guacamole_connection_group_permission.connection_group_id
|
||||||
FROM guacamole_connection_group_permission
|
FROM guacamole_connection_group_permission
|
||||||
|
|||||||
@@ -25,24 +25,21 @@
|
|||||||
|
|
||||||
<!-- Result mapper for connection permissions -->
|
<!-- Result mapper for connection permissions -->
|
||||||
<resultMap id="ConnectionPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<resultMap id="ConnectionPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
<result column="user_id" property="userID" jdbcType="INTEGER"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="username" jdbcType="VARCHAR"/>
|
|
||||||
<result column="permission" property="type" jdbcType="VARCHAR"
|
<result column="permission" property="type" jdbcType="VARCHAR"
|
||||||
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
||||||
<result column="connection_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
<result column="connection_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<!-- Select all permissions for a given user -->
|
<!-- Select all permissions for a given entity -->
|
||||||
<select id="select" resultMap="ConnectionPermissionResultMap">
|
<select id="select" resultMap="ConnectionPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
connection_id
|
connection_id
|
||||||
FROM guacamole_connection_permission
|
FROM guacamole_connection_permission
|
||||||
JOIN guacamole_user ON guacamole_connection_permission.user_id = guacamole_user.user_id
|
WHERE entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
WHERE guacamole_connection_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -50,26 +47,24 @@
|
|||||||
<select id="selectOne" resultMap="ConnectionPermissionResultMap">
|
<select id="selectOne" resultMap="ConnectionPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
connection_id
|
connection_id
|
||||||
FROM guacamole_connection_permission
|
FROM guacamole_connection_permission
|
||||||
JOIN guacamole_user ON guacamole_connection_permission.user_id = guacamole_user.user_id
|
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_connection_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
||||||
AND connection_id = #{identifier,jdbcType=INTEGER}::integer
|
AND connection_id = #{identifier,jdbcType=INTEGER}::integer
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Select identifiers accessible by the given user for the given permissions -->
|
<!-- Select identifiers accessible by the given entity for the given permissions -->
|
||||||
<select id="selectAccessibleIdentifiers" resultType="string">
|
<select id="selectAccessibleIdentifiers" resultType="string">
|
||||||
|
|
||||||
SELECT DISTINCT connection_id
|
SELECT DISTINCT connection_id
|
||||||
FROM guacamole_connection_permission
|
FROM guacamole_connection_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND connection_id IN
|
AND connection_id IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
@@ -87,10 +82,10 @@
|
|||||||
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
DELETE FROM guacamole_connection_permission
|
DELETE FROM guacamole_connection_permission
|
||||||
WHERE (user_id, permission, connection_id) IN
|
WHERE (entity_id, permission, connection_id) IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
(#{permission.userID,jdbcType=INTEGER},
|
(#{permission.entityID,jdbcType=INTEGER},
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
||||||
</foreach>
|
</foreach>
|
||||||
@@ -101,25 +96,25 @@
|
|||||||
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_connection_permission (
|
INSERT INTO guacamole_connection_permission (
|
||||||
user_id,
|
entity_id,
|
||||||
permission,
|
permission,
|
||||||
connection_id
|
connection_id
|
||||||
)
|
)
|
||||||
SELECT DISTINCT
|
SELECT DISTINCT
|
||||||
permissions.user_id,
|
permissions.entity_id,
|
||||||
permissions.permission,
|
permissions.permission,
|
||||||
permissions.connection_id
|
permissions.connection_id
|
||||||
FROM
|
FROM
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="UNION ALL" close=")">
|
open="(" separator="UNION ALL" close=")">
|
||||||
SELECT #{permission.userID,jdbcType=INTEGER} AS user_id,
|
SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS connection_id
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS connection_id
|
||||||
</foreach>
|
</foreach>
|
||||||
AS permissions
|
AS permissions
|
||||||
WHERE (user_id, permission, connection_id) NOT IN (
|
WHERE (entity_id, permission, connection_id) NOT IN (
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_connection_permission.user_id,
|
guacamole_connection_permission.entity_id,
|
||||||
guacamole_connection_permission.permission,
|
guacamole_connection_permission.permission,
|
||||||
guacamole_connection_permission.connection_id
|
guacamole_connection_permission.connection_id
|
||||||
FROM guacamole_connection_permission
|
FROM guacamole_connection_permission
|
||||||
|
|||||||
@@ -25,24 +25,21 @@
|
|||||||
|
|
||||||
<!-- Result mapper for sharing profile permissions -->
|
<!-- Result mapper for sharing profile permissions -->
|
||||||
<resultMap id="SharingProfilePermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<resultMap id="SharingProfilePermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
<result column="user_id" property="userID" jdbcType="INTEGER"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="username" jdbcType="VARCHAR"/>
|
|
||||||
<result column="permission" property="type" jdbcType="VARCHAR"
|
<result column="permission" property="type" jdbcType="VARCHAR"
|
||||||
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
||||||
<result column="sharing_profile_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
<result column="sharing_profile_id" property="objectIdentifier" jdbcType="INTEGER"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<!-- Select all permissions for a given user -->
|
<!-- Select all permissions for a given entity -->
|
||||||
<select id="select" resultMap="SharingProfilePermissionResultMap">
|
<select id="select" resultMap="SharingProfilePermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_sharing_profile_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
sharing_profile_id
|
sharing_profile_id
|
||||||
FROM guacamole_sharing_profile_permission
|
FROM guacamole_sharing_profile_permission
|
||||||
JOIN guacamole_user ON guacamole_sharing_profile_permission.user_id = guacamole_user.user_id
|
WHERE entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
WHERE guacamole_sharing_profile_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -50,26 +47,24 @@
|
|||||||
<select id="selectOne" resultMap="SharingProfilePermissionResultMap">
|
<select id="selectOne" resultMap="SharingProfilePermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_sharing_profile_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission,
|
permission,
|
||||||
sharing_profile_id
|
sharing_profile_id
|
||||||
FROM guacamole_sharing_profile_permission
|
FROM guacamole_sharing_profile_permission
|
||||||
JOIN guacamole_user ON guacamole_sharing_profile_permission.user_id = guacamole_user.user_id
|
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_sharing_profile_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
||||||
AND sharing_profile_id = #{identifier,jdbcType=INTEGER}::integer
|
AND sharing_profile_id = #{identifier,jdbcType=INTEGER}::integer
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Select identifiers accessible by the given user for the given permissions -->
|
<!-- Select identifiers accessible by the given entity for the given permissions -->
|
||||||
<select id="selectAccessibleIdentifiers" resultType="string">
|
<select id="selectAccessibleIdentifiers" resultType="string">
|
||||||
|
|
||||||
SELECT DISTINCT sharing_profile_id
|
SELECT DISTINCT sharing_profile_id
|
||||||
FROM guacamole_sharing_profile_permission
|
FROM guacamole_sharing_profile_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND sharing_profile_id IN
|
AND sharing_profile_id IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
@@ -87,10 +82,10 @@
|
|||||||
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
DELETE FROM guacamole_sharing_profile_permission
|
DELETE FROM guacamole_sharing_profile_permission
|
||||||
WHERE (user_id, permission, sharing_profile_id) IN
|
WHERE (entity_id, permission, sharing_profile_id) IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
(#{permission.userID,jdbcType=INTEGER},
|
(#{permission.entityID,jdbcType=INTEGER},
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer)
|
||||||
</foreach>
|
</foreach>
|
||||||
@@ -101,25 +96,25 @@
|
|||||||
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_sharing_profile_permission (
|
INSERT INTO guacamole_sharing_profile_permission (
|
||||||
user_id,
|
entity_id,
|
||||||
permission,
|
permission,
|
||||||
sharing_profile_id
|
sharing_profile_id
|
||||||
)
|
)
|
||||||
SELECT DISTINCT
|
SELECT DISTINCT
|
||||||
permissions.user_id,
|
permissions.entity_id,
|
||||||
permissions.permission,
|
permissions.permission,
|
||||||
permissions.sharing_profile_id
|
permissions.sharing_profile_id
|
||||||
FROM
|
FROM
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="UNION ALL" close=")">
|
open="(" separator="UNION ALL" close=")">
|
||||||
SELECT #{permission.userID,jdbcType=INTEGER} AS user_id,
|
SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS sharing_profile_id
|
#{permission.objectIdentifier,jdbcType=INTEGER}::integer AS sharing_profile_id
|
||||||
</foreach>
|
</foreach>
|
||||||
AS permissions
|
AS permissions
|
||||||
WHERE (user_id, permission, sharing_profile_id) NOT IN (
|
WHERE (entity_id, permission, sharing_profile_id) NOT IN (
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_sharing_profile_permission.user_id,
|
guacamole_sharing_profile_permission.entity_id,
|
||||||
guacamole_sharing_profile_permission.permission,
|
guacamole_sharing_profile_permission.permission,
|
||||||
guacamole_sharing_profile_permission.sharing_profile_id
|
guacamole_sharing_profile_permission.sharing_profile_id
|
||||||
FROM guacamole_sharing_profile_permission
|
FROM guacamole_sharing_profile_permission
|
||||||
|
|||||||
@@ -25,22 +25,19 @@
|
|||||||
|
|
||||||
<!-- Result mapper for system permissions -->
|
<!-- Result mapper for system permissions -->
|
||||||
<resultMap id="SystemPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
<resultMap id="SystemPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
||||||
<result column="user_id" property="userID" jdbcType="INTEGER"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="username" jdbcType="VARCHAR"/>
|
|
||||||
<result column="permission" property="type" jdbcType="VARCHAR"
|
<result column="permission" property="type" jdbcType="VARCHAR"
|
||||||
javaType="org.apache.guacamole.net.auth.permission.SystemPermission$Type"/>
|
javaType="org.apache.guacamole.net.auth.permission.SystemPermission$Type"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<!-- Select all permissions for a given user -->
|
<!-- Select all permissions for a given entity -->
|
||||||
<select id="select" resultMap="SystemPermissionResultMap">
|
<select id="select" resultMap="SystemPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_system_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission
|
permission
|
||||||
FROM guacamole_system_permission
|
FROM guacamole_system_permission
|
||||||
JOIN guacamole_user ON guacamole_system_permission.user_id = guacamole_user.user_id
|
WHERE entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
WHERE guacamole_system_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -48,13 +45,11 @@
|
|||||||
<select id="selectOne" resultMap="SystemPermissionResultMap">
|
<select id="selectOne" resultMap="SystemPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_system_permission.user_id,
|
entity_id,
|
||||||
username,
|
|
||||||
permission
|
permission
|
||||||
FROM guacamole_system_permission
|
FROM guacamole_system_permission
|
||||||
JOIN guacamole_user ON guacamole_system_permission.user_id = guacamole_user.user_id
|
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_system_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND permission = #{type,jdbcType=VARCHAR}::guacamole_system_permission_type
|
AND permission = #{type,jdbcType=VARCHAR}::guacamole_system_permission_type
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
@@ -63,10 +58,10 @@
|
|||||||
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
||||||
|
|
||||||
DELETE FROM guacamole_system_permission
|
DELETE FROM guacamole_system_permission
|
||||||
WHERE (user_id, permission) IN
|
WHERE (entity_id, permission) IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
(#{permission.userID,jdbcType=INTEGER},
|
(#{permission.entityID,jdbcType=INTEGER},
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_system_permission_type)
|
#{permission.type,jdbcType=VARCHAR}::guacamole_system_permission_type)
|
||||||
</foreach>
|
</foreach>
|
||||||
|
|
||||||
@@ -76,22 +71,22 @@
|
|||||||
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.SystemPermissionModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_system_permission (
|
INSERT INTO guacamole_system_permission (
|
||||||
user_id,
|
entity_id,
|
||||||
permission
|
permission
|
||||||
)
|
)
|
||||||
SELECT DISTINCT
|
SELECT DISTINCT
|
||||||
permissions.user_id,
|
permissions.entity_id,
|
||||||
permissions.permission
|
permissions.permission
|
||||||
FROM
|
FROM
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="UNION ALL" close=")">
|
open="(" separator="UNION ALL" close=")">
|
||||||
SELECT #{permission.userID,jdbcType=INTEGER} AS user_id,
|
SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_system_permission_type AS permission
|
#{permission.type,jdbcType=VARCHAR}::guacamole_system_permission_type AS permission
|
||||||
</foreach>
|
</foreach>
|
||||||
AS permissions
|
AS permissions
|
||||||
WHERE (user_id, permission) NOT IN (
|
WHERE (entity_id, permission) NOT IN (
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_system_permission.user_id,
|
guacamole_system_permission.entity_id,
|
||||||
guacamole_system_permission.permission
|
guacamole_system_permission.permission
|
||||||
FROM guacamole_system_permission
|
FROM guacamole_system_permission
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -25,25 +25,25 @@
|
|||||||
|
|
||||||
<!-- Result mapper for user permissions -->
|
<!-- Result mapper for user permissions -->
|
||||||
<resultMap id="UserPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<resultMap id="UserPermissionResultMap" type="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
<result column="user_id" property="userID" jdbcType="INTEGER"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="username" jdbcType="VARCHAR"/>
|
|
||||||
<result column="permission" property="type" jdbcType="VARCHAR"
|
<result column="permission" property="type" jdbcType="VARCHAR"
|
||||||
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
javaType="org.apache.guacamole.net.auth.permission.ObjectPermission$Type"/>
|
||||||
<result column="affected_username" property="objectIdentifier" jdbcType="INTEGER"/>
|
<result column="affected_name" property="objectIdentifier" jdbcType="INTEGER"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<!-- Select all permissions for a given user -->
|
<!-- Select all permissions for a given entity -->
|
||||||
<select id="select" resultMap="UserPermissionResultMap">
|
<select id="select" resultMap="UserPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_permission.user_id,
|
guacamole_user_permission.entity_id,
|
||||||
guacamole_user.username,
|
|
||||||
permission,
|
permission,
|
||||||
affected.username AS affected_username
|
affected_entity.name AS affected_name
|
||||||
FROM guacamole_user_permission
|
FROM guacamole_user_permission
|
||||||
JOIN guacamole_user ON guacamole_user_permission.user_id = guacamole_user.user_id
|
JOIN guacamole_user affected_user ON guacamole_user_permission.affected_user_id = affected_user.user_id
|
||||||
JOIN guacamole_user affected ON guacamole_user_permission.affected_user_id = affected.user_id
|
JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
|
||||||
WHERE guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
WHERE
|
||||||
|
guacamole_user_permission.entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
|
AND affected_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -51,38 +51,40 @@
|
|||||||
<select id="selectOne" resultMap="UserPermissionResultMap">
|
<select id="selectOne" resultMap="UserPermissionResultMap">
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_permission.user_id,
|
guacamole_user_permission.entity_id,
|
||||||
guacamole_user.username,
|
|
||||||
permission,
|
permission,
|
||||||
affected.username AS affected_username
|
affected_entity.name AS affected_name
|
||||||
FROM guacamole_user_permission
|
FROM guacamole_user_permission
|
||||||
JOIN guacamole_user ON guacamole_user_permission.user_id = guacamole_user.user_id
|
JOIN guacamole_user affected_user ON guacamole_user_permission.affected_user_id = affected_user.user_id
|
||||||
JOIN guacamole_user affected ON guacamole_user_permission.affected_user_id = affected.user_id
|
JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
guacamole_user_permission.entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
|
||||||
AND affected.username = #{identifier,jdbcType=INTEGER}
|
AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
|
||||||
|
AND affected_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Select identifiers accessible by the given user for the given permissions -->
|
<!-- Select identifiers accessible by the given entity for the given permissions -->
|
||||||
<select id="selectAccessibleIdentifiers" resultType="string">
|
<select id="selectAccessibleIdentifiers" resultType="string">
|
||||||
|
|
||||||
SELECT DISTINCT username
|
SELECT DISTINCT affected_entity.name
|
||||||
FROM guacamole_user_permission
|
FROM guacamole_user_permission
|
||||||
JOIN guacamole_user ON guacamole_user_permission.affected_user_id = guacamole_user.user_id
|
JOIN guacamole_user affected_user ON guacamole_user_permission.affected_user_id = affected_user.user_id
|
||||||
|
JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
guacamole_user_permission.entity_id = #{entity.entityID,jdbcType=INTEGER}
|
||||||
AND username IN
|
AND affected_entity.name IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}
|
#{identifier,jdbcType=VARCHAR}
|
||||||
</foreach>
|
</foreach>
|
||||||
AND permission IN
|
AND permission IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{permission,jdbcType=VARCHAR}::guacamole_object_permission_type
|
#{permission,jdbcType=VARCHAR}::guacamole_object_permission_type
|
||||||
</foreach>
|
</foreach>
|
||||||
|
AND affected_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -90,16 +92,18 @@
|
|||||||
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<delete id="delete" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
DELETE FROM guacamole_user_permission
|
DELETE FROM guacamole_user_permission
|
||||||
USING guacamole_user affected
|
USING guacamole_user affected_user, guacamole_entity affected_entity
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user_permission.affected_user_id = affected.user_id
|
guacamole_user_permission.affected_user_id = affected_user.user_id
|
||||||
AND (guacamole_user_permission.user_id, permission, affected.username) IN
|
AND affected_user.entity_id = affected_entity.entity_id
|
||||||
|
AND (guacamole_user_permission.entity_id, permission, affected_entity.name) IN
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
(#{permission.userID,jdbcType=INTEGER},
|
(#{permission.entityID,jdbcType=INTEGER},
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER})
|
#{permission.objectIdentifier,jdbcType=INTEGER})
|
||||||
</foreach>
|
</foreach>
|
||||||
|
AND affected_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
|
||||||
</delete>
|
</delete>
|
||||||
|
|
||||||
@@ -107,26 +111,29 @@
|
|||||||
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
<insert id="insert" parameterType="org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_user_permission (
|
INSERT INTO guacamole_user_permission (
|
||||||
user_id,
|
entity_id,
|
||||||
permission,
|
permission,
|
||||||
affected_user_id
|
affected_user_id
|
||||||
)
|
)
|
||||||
SELECT DISTINCT
|
SELECT DISTINCT
|
||||||
permissions.user_id,
|
permissions.entity_id,
|
||||||
permissions.permission,
|
permissions.permission,
|
||||||
guacamole_user.user_id
|
affected_user.user_id
|
||||||
FROM
|
FROM
|
||||||
<foreach collection="permissions" item="permission"
|
<foreach collection="permissions" item="permission"
|
||||||
open="(" separator="UNION ALL" close=")">
|
open="(" separator="UNION ALL" close=")">
|
||||||
SELECT #{permission.userID,jdbcType=INTEGER} AS user_id,
|
SELECT #{permission.entityID,jdbcType=INTEGER} AS entity_id,
|
||||||
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
#{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type AS permission,
|
||||||
#{permission.objectIdentifier,jdbcType=INTEGER} AS username
|
#{permission.objectIdentifier,jdbcType=VARCHAR}::text AS affected_name
|
||||||
</foreach>
|
</foreach>
|
||||||
AS permissions
|
AS permissions
|
||||||
JOIN guacamole_user ON guacamole_user.username = permissions.username
|
JOIN guacamole_entity affected_entity ON
|
||||||
WHERE (permissions.user_id, permissions.permission, guacamole_user.user_id) NOT IN (
|
affected_entity.name = permissions.affected_name
|
||||||
|
AND affected_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
JOIN guacamole_user affected_user ON affected_user.entity_id = affected_entity.entity_id
|
||||||
|
WHERE (permissions.entity_id, permissions.permission, affected_user.user_id) NOT IN (
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_permission.user_id,
|
guacamole_user_permission.entity_id,
|
||||||
guacamole_user_permission.permission,
|
guacamole_user_permission.permission,
|
||||||
guacamole_user_permission.affected_user_id
|
guacamole_user_permission.affected_user_id
|
||||||
FROM guacamole_user_permission
|
FROM guacamole_user_permission
|
||||||
|
|||||||
@@ -52,7 +52,7 @@
|
|||||||
SELECT sharing_profile_id
|
SELECT sharing_profile_id
|
||||||
FROM guacamole_sharing_profile_permission
|
FROM guacamole_sharing_profile_permission
|
||||||
WHERE
|
WHERE
|
||||||
user_id = #{user.objectID,jdbcType=INTEGER}
|
entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -99,7 +99,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
@@ -113,7 +113,7 @@
|
|||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=INTEGER}::integer
|
#{identifier,jdbcType=INTEGER}::integer
|
||||||
</foreach>
|
</foreach>
|
||||||
AND user_id = #{user.objectID,jdbcType=INTEGER}
|
AND entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|||||||
@@ -41,8 +41,9 @@
|
|||||||
guacamole_user_password_history.password_date
|
guacamole_user_password_history.password_date
|
||||||
FROM guacamole_user_password_history
|
FROM guacamole_user_password_history
|
||||||
JOIN guacamole_user ON guacamole_user_password_history.user_id = guacamole_user.user_id
|
JOIN guacamole_user ON guacamole_user_password_history.user_id = guacamole_user.user_id
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user.username = #{username,jdbcType=VARCHAR}
|
guacamole_entity.name = #{username,jdbcType=VARCHAR}
|
||||||
ORDER BY
|
ORDER BY
|
||||||
guacamole_user_password_history.password_date DESC
|
guacamole_user_password_history.password_date DESC
|
||||||
LIMIT #{maxHistorySize}
|
LIMIT #{maxHistorySize}
|
||||||
|
|||||||
@@ -28,7 +28,8 @@
|
|||||||
|
|
||||||
<!-- User properties -->
|
<!-- User properties -->
|
||||||
<id column="user_id" property="objectID" jdbcType="INTEGER"/>
|
<id column="user_id" property="objectID" jdbcType="INTEGER"/>
|
||||||
<result column="username" property="identifier" jdbcType="VARCHAR"/>
|
<result column="entity_id" property="entityID" jdbcType="INTEGER"/>
|
||||||
|
<result column="name" property="identifier" jdbcType="VARCHAR"/>
|
||||||
<result column="password_hash" property="passwordHash" jdbcType="BINARY"/>
|
<result column="password_hash" property="passwordHash" jdbcType="BINARY"/>
|
||||||
<result column="password_salt" property="passwordSalt" jdbcType="BINARY"/>
|
<result column="password_salt" property="passwordSalt" jdbcType="BINARY"/>
|
||||||
<result column="password_date" property="passwordDate" jdbcType="TIMESTAMP"/>
|
<result column="password_date" property="passwordDate" jdbcType="TIMESTAMP"/>
|
||||||
@@ -57,17 +58,20 @@
|
|||||||
|
|
||||||
<!-- Select all usernames -->
|
<!-- Select all usernames -->
|
||||||
<select id="selectIdentifiers" resultType="string">
|
<select id="selectIdentifiers" resultType="string">
|
||||||
SELECT username
|
SELECT name
|
||||||
FROM guacamole_user
|
FROM guacamole_entity
|
||||||
|
WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Select usernames of all readable users -->
|
<!-- Select usernames of all readable users -->
|
||||||
<select id="selectReadableIdentifiers" resultType="string">
|
<select id="selectReadableIdentifiers" resultType="string">
|
||||||
SELECT username
|
SELECT guacamole_entity.name
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
guacamole_user_permission.entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -77,7 +81,8 @@
|
|||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user.user_id,
|
guacamole_user.user_id,
|
||||||
guacamole_user.username,
|
guacamole_entity.entity_id,
|
||||||
|
guacamole_entity.name,
|
||||||
password_hash,
|
password_hash,
|
||||||
password_salt,
|
password_salt,
|
||||||
password_date,
|
password_date,
|
||||||
@@ -94,13 +99,15 @@
|
|||||||
organizational_role,
|
organizational_role,
|
||||||
MAX(start_date) AS last_active
|
MAX(start_date) AS last_active
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
||||||
WHERE guacamole_user.username IN
|
WHERE guacamole_entity.name IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=VARCHAR}
|
#{identifier,jdbcType=VARCHAR}
|
||||||
</foreach>
|
</foreach>
|
||||||
GROUP BY guacamole_user.user_id;
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_attribute.user_id,
|
guacamole_user_attribute.user_id,
|
||||||
@@ -108,11 +115,13 @@
|
|||||||
guacamole_user_attribute.attribute_value
|
guacamole_user_attribute.attribute_value
|
||||||
FROM guacamole_user_attribute
|
FROM guacamole_user_attribute
|
||||||
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
||||||
WHERE username IN
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE guacamole_entity.name IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=VARCHAR}
|
#{identifier,jdbcType=VARCHAR}
|
||||||
</foreach>;
|
</foreach>
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type;
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
@@ -122,7 +131,8 @@
|
|||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user.user_id,
|
guacamole_user.user_id,
|
||||||
guacamole_user.username,
|
guacamole_entity.entity_id,
|
||||||
|
guacamole_entity.name,
|
||||||
password_hash,
|
password_hash,
|
||||||
password_salt,
|
password_salt,
|
||||||
password_date,
|
password_date,
|
||||||
@@ -139,16 +149,18 @@
|
|||||||
organizational_role,
|
organizational_role,
|
||||||
MAX(start_date) AS last_active
|
MAX(start_date) AS last_active
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
||||||
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
||||||
WHERE guacamole_user.username IN
|
WHERE guacamole_entity.name IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=VARCHAR}
|
#{identifier,jdbcType=VARCHAR}
|
||||||
</foreach>
|
</foreach>
|
||||||
AND guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
AND guacamole_user_permission.entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ'
|
AND permission = 'READ'
|
||||||
GROUP BY guacamole_user.user_id;
|
GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_attribute.user_id,
|
guacamole_user_attribute.user_id,
|
||||||
@@ -156,13 +168,15 @@
|
|||||||
guacamole_user_attribute.attribute_value
|
guacamole_user_attribute.attribute_value
|
||||||
FROM guacamole_user_attribute
|
FROM guacamole_user_attribute
|
||||||
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
JOIN guacamole_user_permission ON affected_user_id = guacamole_user.user_id
|
||||||
WHERE username IN
|
WHERE guacamole_entity.name IN
|
||||||
<foreach collection="identifiers" item="identifier"
|
<foreach collection="identifiers" item="identifier"
|
||||||
open="(" separator="," close=")">
|
open="(" separator="," close=")">
|
||||||
#{identifier,jdbcType=VARCHAR}
|
#{identifier,jdbcType=VARCHAR}
|
||||||
</foreach>
|
</foreach>
|
||||||
AND guacamole_user_permission.user_id = #{user.objectID,jdbcType=INTEGER}
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
AND guacamole_user_permission.entity_id = #{user.entityID,jdbcType=INTEGER}
|
||||||
AND permission = 'READ';
|
AND permission = 'READ';
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
@@ -173,7 +187,8 @@
|
|||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user.user_id,
|
guacamole_user.user_id,
|
||||||
guacamole_user.username,
|
guacamole_entity.entity_id,
|
||||||
|
guacamole_entity.name,
|
||||||
password_hash,
|
password_hash,
|
||||||
password_salt,
|
password_salt,
|
||||||
password_date,
|
password_date,
|
||||||
@@ -190,10 +205,12 @@
|
|||||||
organizational_role,
|
organizational_role,
|
||||||
MAX(start_date) AS last_active
|
MAX(start_date) AS last_active
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user.username = #{username,jdbcType=VARCHAR}
|
guacamole_entity.name = #{username,jdbcType=VARCHAR}
|
||||||
GROUP BY guacamole_user.user_id;
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
|
||||||
|
|
||||||
SELECT
|
SELECT
|
||||||
guacamole_user_attribute.user_id,
|
guacamole_user_attribute.user_id,
|
||||||
@@ -201,14 +218,19 @@
|
|||||||
guacamole_user_attribute.attribute_value
|
guacamole_user_attribute.attribute_value
|
||||||
FROM guacamole_user_attribute
|
FROM guacamole_user_attribute
|
||||||
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
|
||||||
WHERE username = #{username,jdbcType=VARCHAR};
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
guacamole_entity.name = #{username,jdbcType=VARCHAR}
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<!-- Delete single user by username -->
|
<!-- Delete single user by username -->
|
||||||
<delete id="delete">
|
<delete id="delete">
|
||||||
DELETE FROM guacamole_user
|
DELETE FROM guacamole_entity
|
||||||
WHERE username = #{identifier,jdbcType=VARCHAR}
|
WHERE
|
||||||
|
name = #{identifier,jdbcType=VARCHAR}
|
||||||
|
AND type = 'USER'::guacamole_entity_type
|
||||||
</delete>
|
</delete>
|
||||||
|
|
||||||
<!-- Insert single user -->
|
<!-- Insert single user -->
|
||||||
@@ -216,7 +238,7 @@
|
|||||||
parameterType="org.apache.guacamole.auth.jdbc.user.UserModel">
|
parameterType="org.apache.guacamole.auth.jdbc.user.UserModel">
|
||||||
|
|
||||||
INSERT INTO guacamole_user (
|
INSERT INTO guacamole_user (
|
||||||
username,
|
entity_id,
|
||||||
password_hash,
|
password_hash,
|
||||||
password_salt,
|
password_salt,
|
||||||
password_date,
|
password_date,
|
||||||
@@ -233,7 +255,7 @@
|
|||||||
organizational_role
|
organizational_role
|
||||||
)
|
)
|
||||||
VALUES (
|
VALUES (
|
||||||
#{object.identifier,jdbcType=VARCHAR},
|
#{object.entityID,jdbcType=VARCHAR},
|
||||||
#{object.passwordHash,jdbcType=BINARY},
|
#{object.passwordHash,jdbcType=BINARY},
|
||||||
#{object.passwordSalt,jdbcType=BINARY},
|
#{object.passwordSalt,jdbcType=BINARY},
|
||||||
#{object.passwordDate,jdbcType=TIMESTAMP},
|
#{object.passwordDate,jdbcType=TIMESTAMP},
|
||||||
|
|||||||
@@ -44,8 +44,9 @@
|
|||||||
guacamole_user_history.end_date
|
guacamole_user_history.end_date
|
||||||
FROM guacamole_user_history
|
FROM guacamole_user_history
|
||||||
JOIN guacamole_user ON guacamole_user_history.user_id = guacamole_user.user_id
|
JOIN guacamole_user ON guacamole_user_history.user_id = guacamole_user.user_id
|
||||||
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
WHERE
|
WHERE
|
||||||
guacamole_user.username = #{username,jdbcType=VARCHAR}
|
guacamole_entity.name = #{username,jdbcType=VARCHAR}
|
||||||
ORDER BY
|
ORDER BY
|
||||||
guacamole_user_history.start_date DESC,
|
guacamole_user_history.start_date DESC,
|
||||||
guacamole_user_history.end_date DESC
|
guacamole_user_history.end_date DESC
|
||||||
@@ -66,7 +67,10 @@
|
|||||||
VALUES (
|
VALUES (
|
||||||
#{record.remoteHost,jdbcType=VARCHAR},
|
#{record.remoteHost,jdbcType=VARCHAR},
|
||||||
(SELECT user_id FROM guacamole_user
|
(SELECT user_id FROM guacamole_user
|
||||||
WHERE username = #{record.username,jdbcType=VARCHAR}),
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type),
|
||||||
#{record.username,jdbcType=VARCHAR},
|
#{record.username,jdbcType=VARCHAR},
|
||||||
#{record.startDate,jdbcType=TIMESTAMP},
|
#{record.startDate,jdbcType=TIMESTAMP},
|
||||||
#{record.endDate,jdbcType=TIMESTAMP}
|
#{record.endDate,jdbcType=TIMESTAMP}
|
||||||
@@ -79,7 +83,10 @@
|
|||||||
UPDATE guacamole_user_history
|
UPDATE guacamole_user_history
|
||||||
SET remote_host = #{record.remoteHost,jdbcType=VARCHAR},
|
SET remote_host = #{record.remoteHost,jdbcType=VARCHAR},
|
||||||
user_id = (SELECT user_id FROM guacamole_user
|
user_id = (SELECT user_id FROM guacamole_user
|
||||||
WHERE username = #{record.username,jdbcType=VARCHAR}),
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type),
|
||||||
username = #{record.username,jdbcType=VARCHAR},
|
username = #{record.username,jdbcType=VARCHAR},
|
||||||
start_date = #{record.startDate,jdbcType=TIMESTAMP},
|
start_date = #{record.startDate,jdbcType=TIMESTAMP},
|
||||||
end_date = #{record.endDate,jdbcType=TIMESTAMP}
|
end_date = #{record.endDate,jdbcType=TIMESTAMP}
|
||||||
@@ -105,7 +112,10 @@
|
|||||||
guacamole_user_history.user_id IN (
|
guacamole_user_history.user_id IN (
|
||||||
SELECT user_id
|
SELECT user_id
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
WHERE POSITION(#{term.term,jdbcType=VARCHAR} IN username) > 0
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type),
|
||||||
)
|
)
|
||||||
|
|
||||||
<if test="term.startDate != null and term.endDate != null">
|
<if test="term.startDate != null and term.endDate != null">
|
||||||
@@ -157,7 +167,10 @@
|
|||||||
guacamole_user_history.user_id IN (
|
guacamole_user_history.user_id IN (
|
||||||
SELECT user_id
|
SELECT user_id
|
||||||
FROM guacamole_user
|
FROM guacamole_user
|
||||||
WHERE POSITION(#{term.term,jdbcType=VARCHAR} IN username) > 0
|
JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
|
||||||
|
WHERE
|
||||||
|
POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
|
||||||
|
AND guacamole_entity.type = 'USER'::guacamole_entity_type
|
||||||
)
|
)
|
||||||
|
|
||||||
<if test="term.startDate != null and term.endDate != null">
|
<if test="term.startDate != null and term.endDate != null">
|
||||||
|
|||||||
Reference in New Issue
Block a user