GUACAMOLE-462: Retrieve individual database history records directly (by ID).

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java

@@ -71,6 +71,11 @@ public interface ActivityRecordMapper<ModelType> {
      *     retrieved, or null if records related to any such object should be
      *     retrieved.
      *
+     * @param recordIdentifier
+     *     The identifier of the specific history record to retrieve, if not
+     *     all matching records. Search terms, etc. will still be applied to
+     *     the single record.
+     *
      * @param terms
      *     The search terms that must match the returned records.
      *
@@ -85,6 +90,7 @@ public interface ActivityRecordMapper<ModelType> {
      *     The results of the search performed with the given parameters.
      */
     List<ModelType> search(@Param("identifier") String identifier,
+            @Param("recordIdentifier") String recordIdentifier,
             @Param("terms") Collection<ActivityRecordSearchTerm> terms,
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit);
@@ -106,6 +112,11 @@ public interface ActivityRecordMapper<ModelType> {
      *    The user whose permissions should determine whether a record is
      *    returned.
      *
+     * @param recordIdentifier
+     *     The identifier of the specific history record to retrieve, if not
+     *     all matching records. Search terms, etc. will still be applied to
+     *     the single record.
+     *
      * @param terms
      *     The search terms that must match the returned records.
      *
@@ -127,6 +138,7 @@ public interface ActivityRecordMapper<ModelType> {
      */
     List<ModelType> searchReadable(@Param("identifier") String identifier,
             @Param("user") UserModel user,
+            @Param("recordIdentifier") String recordIdentifier,
             @Param("terms") Collection<ActivityRecordSearchTerm> terms,
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit,

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledActivityRecordSet.java

@@ -29,6 +29,8 @@ import org.apache.guacamole.net.auth.ActivityRecord;
 import org.apache.guacamole.net.auth.ActivityRecordSet;
 import org.apache.guacamole.net.auth.ActivityRecordSet.SortableProperty;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * A JDBC implementation of ActivityRecordSet. Calls to asCollection() will
@@ -41,6 +43,11 @@ import org.apache.guacamole.net.auth.AuthenticatedUser;
 public abstract class ModeledActivityRecordSet<RecordType extends ActivityRecord>
         extends RestrictedObject implements ActivityRecordSet<RecordType> {
 
+    /**
+     * Logger for this class.
+     */
+    private static final Logger logger = LoggerFactory.getLogger(ModeledActivityRecordSet.class);
+    
     /**
      * The set of strings that each must occur somewhere within the returned 
      * records, whether within the associated username, an associated date, or
@@ -73,6 +80,11 @@ public abstract class ModeledActivityRecordSet<RecordType extends ActivityRecord
      * @param user
      *     The user retrieving the history.
      *
+     * @param recordIdentifier
+     *     The identifier of the specific history record to retrieve, if not
+     *     all matching records. Search terms, etc. will still be applied to
+     *     the single record.
+     *
      * @param requiredContents
      *     The search terms that must be contained somewhere within each of the
      *     returned records.
@@ -90,16 +102,35 @@ public abstract class ModeledActivityRecordSet<RecordType extends ActivityRecord
      * @throws GuacamoleException
      *     If permission to read the history records is denied.
      */
-    protected abstract Collection<RecordType> retrieveHistory(
-            AuthenticatedUser user,
+    protected abstract List<RecordType> retrieveHistory(
+            AuthenticatedUser user, String recordIdentifier,
             Set<ActivityRecordSearchTerm> requiredContents,
             List<ActivityRecordSortPredicate> sortPredicates,
             int limit) throws GuacamoleException;
 
+    @Override
+    public RecordType get(String identifier) throws GuacamoleException {
+
+        List<RecordType> records = retrieveHistory(getCurrentUser(),
+                identifier, requiredContents, sortPredicates, limit);
+
+        if (records.isEmpty())
+            return null;
+
+        if (records.size() == 1)
+            return records.get(0);
+
+        logger.warn("Multiple history records match ID \"{}\"! This should "
+                + "not be possible and may indicate a bug or database "
+                + "corruption.", identifier);
+        return null;
+
+    }
+
     @Override
     public Collection<RecordType> asCollection()
             throws GuacamoleException {
-        return retrieveHistory(getCurrentUser(), requiredContents,
+        return retrieveHistory(getCurrentUser(), null, requiredContents,
                 sortPredicates, limit);
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordSet.java

@@ -20,7 +20,6 @@
 package org.apache.guacamole.auth.jdbc.connection;
 
 import com.google.inject.Inject;
-import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import java.util.UUID;
@@ -79,14 +78,15 @@ public class ConnectionRecordSet extends ModeledActivityRecordSet<ConnectionReco
     }
     
     @Override
-    protected Collection<ConnectionRecord> retrieveHistory(
-            AuthenticatedUser user, Set<ActivityRecordSearchTerm> requiredContents,
-            List<ActivityRecordSortPredicate> sortPredicates, int limit)
-            throws GuacamoleException {
+    protected List<ConnectionRecord> retrieveHistory(
+            AuthenticatedUser user, String recordIdentifier,
+            Set<ActivityRecordSearchTerm> requiredContents,
+            List<ActivityRecordSortPredicate> sortPredicates,
+            int limit) throws GuacamoleException {
 
         // Retrieve history from database
         return connectionService.retrieveHistory(identifier, getCurrentUser(),
-                requiredContents, sortPredicates, limit);
+                recordIdentifier, requiredContents, sortPredicates, limit);
 
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java

@@ -390,40 +390,6 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
  
     }
 
-    /**
-     * Retrieves the connection history of the given connection, including any
-     * active connections.
-     *
-     * @param user
-     *     The user retrieving the connection history.
-     *
-     * @param connection
-     *     The connection whose history is being retrieved.
-     *
-     * @return
-     *     The connection history of the given connection, including any
-     *     active connections.
-     *
-     * @throws GuacamoleException
-     *     If permission to read the connection history is denied.
-     */
-    public List<ConnectionRecord> retrieveHistory(ModeledAuthenticatedUser user,
-            ModeledConnection connection) throws GuacamoleException {
-
-        String identifier = connection.getIdentifier();
-        
-        // Get current active connections.
-        List<ConnectionRecord> records = new ArrayList<>(tunnelService.getActiveConnections(connection));
-        Collections.reverse(records);
-        
-        // Add in the history records.
-        records.addAll(retrieveHistory(identifier, user, Collections.emptyList(),
-                Collections.emptyList(), Integer.MAX_VALUE));
-        
-        return records;
-
-    }
-
     /**
      * Retrieves the connection history records matching the given criteria.
      * Retrieves up to <code>limit</code> connection history records matching
@@ -437,6 +403,11 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
      * @param user
      *     The user retrieving the connection history.
      *
+     * @param recordIdentifier
+     *     The identifier of the specific history record to retrieve, if not
+     *     all matching records. Search terms, etc. will still be applied to
+     *     the single record.
+     *
      * @param requiredContents
      *     The search terms that must be contained somewhere within each of the
      *     returned records.
@@ -456,7 +427,7 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
      *     If permission to read the connection history is denied.
      */
     public List<ConnectionRecord> retrieveHistory(String identifier,
-            ModeledAuthenticatedUser user,
+            ModeledAuthenticatedUser user, String recordIdentifier,
             Collection<ActivityRecordSearchTerm> requiredContents,
             List<ActivityRecordSortPredicate> sortPredicates, int limit)
             throws GuacamoleException {
@@ -465,55 +436,20 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
 
         // Bypass permission checks if the user is privileged
         if (user.isPrivileged())
-            searchResults = connectionRecordMapper.search(identifier, requiredContents,
-                    sortPredicates, limit);
+            searchResults = connectionRecordMapper.search(identifier,
+                    recordIdentifier, requiredContents, sortPredicates, limit);
 
         // Otherwise only return explicitly readable history records
         else
             searchResults = connectionRecordMapper.searchReadable(identifier,
-                    user.getUser().getModel(), requiredContents, sortPredicates,
-                    limit, user.getEffectiveUserGroups());
+                    user.getUser().getModel(), recordIdentifier,
+                    requiredContents, sortPredicates, limit,
+                    user.getEffectiveUserGroups());
 
         return getObjectInstances(searchResults);
 
     }
 
-    /**
-     * Retrieves the connection history records matching the given criteria.
-     * Retrieves up to <code>limit</code> connection history records matching
-     * the given terms and sorted by the given predicates. Only history records
-     * associated with data that the given user can read are returned.
-     * 
-     * @param user
-     *     The user retrieving the connection history.
-     *
-     * @param requiredContents
-     *     The search terms that must be contained somewhere within each of the
-     *     returned records.
-     *
-     * @param sortPredicates
-     *     A list of predicates to sort the returned records by, in order of
-     *     priority.
-     *
-     * @param limit
-     *     The maximum number of records that should be returned.
-     *
-     * @return
-     *     The connection history of the given connection, including any
-     *     active connections.
-     *
-     * @throws GuacamoleException
-     *     If permission to read the connection history is denied.
-     */
-    public List<ConnectionRecord> retrieveHistory(ModeledAuthenticatedUser user,
-            Collection<ActivityRecordSearchTerm> requiredContents,
-            List<ActivityRecordSortPredicate> sortPredicates, int limit)
-            throws GuacamoleException {
-        
-        return retrieveHistory(null, user, requiredContents, sortPredicates, limit);
-        
-    }
-
     /**
      * Connects to the given connection as the given user, using the given
      * client information. If the user does not have permission to read the

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserRecordSet.java

@@ -20,7 +20,6 @@
 package org.apache.guacamole.auth.jdbc.user;
 
 import com.google.inject.Inject;
-import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import java.util.UUID;
@@ -80,14 +79,15 @@ public class UserRecordSet extends ModeledActivityRecordSet<ActivityRecord> {
     }
     
     @Override
-    protected Collection<ActivityRecord> retrieveHistory(
-            AuthenticatedUser user, Set<ActivityRecordSearchTerm> requiredContents,
+    protected List<ActivityRecord> retrieveHistory(
+            AuthenticatedUser user, String recordIdentifier,
+            Set<ActivityRecordSearchTerm> requiredContents,
             List<ActivityRecordSortPredicate> sortPredicates, int limit)
             throws GuacamoleException {
 
         // Retrieve history from database
         return userService.retrieveHistory(identifier, getCurrentUser(),
-                requiredContents, sortPredicates, limit);
+                recordIdentifier, requiredContents, sortPredicates, limit);
 
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java

@@ -572,32 +572,6 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
 
     }
 
-    /**
-     * Retrieves the login history of the given user, including any active
-     * sessions.
-     *
-     * @param authenticatedUser
-     *     The user retrieving the login history.
-     *
-     * @param user
-     *     The user whose history is being retrieved.
-     *
-     * @return
-     *     The login history of the given user, including any active sessions.
-     *
-     * @throws GuacamoleException
-     *     If permission to read the login history is denied.
-     */
-    public List<ActivityRecord> retrieveHistory(ModeledAuthenticatedUser authenticatedUser,
-            ModeledUser user) throws GuacamoleException {
-
-        String username = user.getIdentifier();
-        
-        return retrieveHistory(username, authenticatedUser, Collections.emptyList(),
-                Collections.emptyList(), Integer.MAX_VALUE);
-
-    }
-
     /**
      * Retrieves user login history records matching the given criteria.
      * Retrieves up to <code>limit</code> user history records matching the
@@ -611,6 +585,11 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
      * @param user
      *     The user retrieving the login history.
      *
+     * @param recordIdentifier
+     *     The identifier of the specific history record to retrieve, if not
+     *     all matching records. Search terms, etc. will still be applied to
+     *     the single record.
+     *
      * @param requiredContents
      *     The search terms that must be contained somewhere within each of the
      *     returned records.
@@ -629,7 +608,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
      *     If permission to read the user login history is denied.
      */
     public List<ActivityRecord> retrieveHistory(String username,
-            ModeledAuthenticatedUser user,
+            ModeledAuthenticatedUser user, String recordIdentifier,
             Collection<ActivityRecordSearchTerm> requiredContents,
             List<ActivityRecordSortPredicate> sortPredicates, int limit)
             throws GuacamoleException {
@@ -638,52 +617,18 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
 
         // Bypass permission checks if the user is privileged
         if (user.isPrivileged())
-            searchResults = userRecordMapper.search(username, requiredContents,
-                    sortPredicates, limit);
+            searchResults = userRecordMapper.search(username, recordIdentifier,
+                    requiredContents, sortPredicates, limit);
 
         // Otherwise only return explicitly readable history records
         else
             searchResults = userRecordMapper.searchReadable(username, 
-                    user.getUser().getModel(),
-                    requiredContents, sortPredicates, limit, user.getEffectiveUserGroups());
+                    user.getUser().getModel(), recordIdentifier,
+                    requiredContents, sortPredicates, limit,
+                    user.getEffectiveUserGroups());
 
         return getObjectInstances(searchResults);
 
     }
 
-    /**
-     * Retrieves user login history records matching the given criteria.
-     * Retrieves up to <code>limit</code> user history records matching the
-     * given terms and sorted by the given predicates. Only history records
-     * associated with data that the given user can read are returned.
-     * 
-     * @param user
-     *     The user retrieving the login history.
-     *
-     * @param requiredContents
-     *     The search terms that must be contained somewhere within each of the
-     *     returned records.
-     *
-     * @param sortPredicates
-     *     A list of predicates to sort the returned records by, in order of
-     *     priority.
-     *
-     * @param limit
-     *     The maximum number of records that should be returned.
-     *
-     * @return
-     *     The login history of the given user, including any active sessions.
-     *
-     * @throws GuacamoleException
-     *     If permission to read the user login history is denied.
-     */
-    public List<ActivityRecord> retrieveHistory(ModeledAuthenticatedUser user,
-            Collection<ActivityRecordSearchTerm> requiredContents,
-            List<ActivityRecordSortPredicate> sortPredicates, int limit)
-            throws GuacamoleException {
-        
-        return retrieveHistory(null, user, requiredContents, sortPredicates, limit);
-        
-    }
-
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -98,8 +98,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                guacamole_connection_history.history_id = #{recordIdentifier,jdbcType=VARCHAR}
+            </if>
+
             <if test="identifier != null">
-                guacamole_connection_history.connection_id = #{identifier,jdbcType=VARCHAR}
+                AND guacamole_connection_history.connection_id = #{identifier,jdbcType=VARCHAR}
             </if>
             
             <foreach collection="terms" item="term" open=" AND " separator=" AND ">
@@ -164,8 +168,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                guacamole_connection_history.history_id = #{recordIdentifier,jdbcType=VARCHAR}
+            </if>
+
             <!-- Restrict to readable connections -->
-            guacamole_connection_history.connection_id IN (
+            AND guacamole_connection_history.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
                     <property name="groups"   value="effectiveGroups"/>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -96,8 +96,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                guacamole_connection_history.history_id = #{recordIdentifier,jdbcType=INTEGER}::integer
+            </if>
+
             <if test="identifier != null">
-                guacamole_connection_history.connection_id = #{identifier,jdbcType=INTEGER}::integer
+                AND guacamole_connection_history.connection_id = #{identifier,jdbcType=INTEGER}::integer
             </if>
 
             <foreach collection="terms" item="term" open=" AND " separator=" AND ">
@@ -162,8 +166,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                guacamole_connection_history.history_id = #{recordIdentifier,jdbcType=INTEGER}::integer
+            </if>
+
             <!-- Restrict to readable connections -->
-            guacamole_connection_history.connection_id IN (
+            AND guacamole_connection_history.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
                     <property name="groups"   value="effectiveGroups"/>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -96,8 +96,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                [guacamole_connection_history].history_id = #{recordIdentifier,jdbcType=INTEGER}
+            </if>
+
             <if test="identifier != null">
-                [guacamole_connection_history].connection_id = #{identifier,jdbcType=INTEGER}
+                AND [guacamole_connection_history].connection_id = #{identifier,jdbcType=INTEGER}
             </if>
             
             <foreach collection="terms" item="term" open=" AND " separator=" AND ">
@@ -160,8 +164,12 @@
         <!-- Search terms -->
         <where>
 
+            <if test="recordIdentifier != null">
+                [guacamole_connection_history].history_id = #{recordIdentifier,jdbcType=INTEGER}
+            </if>
+
             <!-- Restrict to readable connections -->
-            [guacamole_connection_history].connection_id IN (
+            AND [guacamole_connection_history].connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
                     <property name="groups"   value="effectiveGroups"/>