Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add JPA implementions of UserDao/ProfileDao #1603

Merged
merged 3 commits into from
Jul 1, 2016
Merged

Add JPA implementions of UserDao/ProfileDao #1603

merged 3 commits into from
Jul 1, 2016

Conversation

voievodin
Copy link
Contributor

@voievodin voievodin commented Jun 29, 2016
edited
Loading

Along with JPA implementations i added 2 password encryptors SHA-512 and PBKDF2.
JpaUserDao and JpaProfileDao pass all the TCK prepared before.

@skabashnyuk, @sleshchenko, @garagatyi, @akorneta can you please review.
Please note that this will be merged into the jpa-integration branch which will be merged to the master when all the DAOs are migrated to JPA.

sleshchenko
sleshchenko reviewed Jun 29, 2016
View reviewed changes
...-vendor-h2/src/main/java/org/eclipse/che/api/core/jdbc/jpa/vendor/h2/H2ExceptionHandler.java
*/
public class H2ExceptionHandler implements ExceptionHandler {

// TODO move it from here
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When do you plan remove it?

@benoitf
Copy link
Contributor

benoitf commented Jun 29, 2016
edited
Loading

few remarks:

  • If there are password encryptors, why they're not part of a separated commits as it's not linked to JPA ?
  • why the wheel has been re-invented with TCK modules ? while people are using Arquilian when testing JPA ? http://arquillian.org/guides/testing_java_persistence/
    • che-core-api-jdbc-vendor-h2
      the name is not obvious as it links the module to EclipseLink, while JPA allow to plug any persistence provider. so it should include that it's specific to eclipselink and is not "jdbc" neutral
  • persistence.xml shouldn't be in wsmaster/che-core-api-user/src/main/resources/META-INF/
    it's part of the final assembly as it's where we select the persistence provider, and the database
  • Using container managed instead of JavaSE would have helped as here you've to managed transaction instead of only using annotations
    Using an autocloseable (or an interceptor like it's done in container managed world) should help to avoid to have tons of lines doing. Then you could pickup the transaction strategy (REQUIRED, REQUIRES_NEW, etc)

try {
            manager.getTransaction().begin();

// do something

           manager.getTransaction().commit();
        } finally {
            if (manager.getTransaction().isActive()) {
               manager.getTransaction().rollback();
            }
            manager.close();
       }

@voievodin
Copy link
Contributor Author

voievodin commented Jun 29, 2016
edited
Loading

If there are password encryptors, why they're not part of a separated commits as it's not linked to JPA ?

np, i will extract ecnryptors code to the different commit.

why the wheel has been re-invented with TCK modules ? while people are using Arquilian when testing JPA ? http://arquillian.org/guides/testing_java_persistence

Current TCK approach allows us use the same tests for different implementations Local/Ldap/Jpa.
Can Arquilian resolve this?

che-core-api-jdbc-vendor-h2 the name is not obvious as it links the module to EclipseLink, while JPA allow to plug any persistence provider. so it should include that it's specific to eclipselink and is not "jdbc" neutral

che-core-api-jdbc module contains common error codes and error codes mapper astraction used by daos, che-core-api-jdbc-vendor-h2 provides an implementation of error codes mapper specific for h2, while error codes are jdbc errors.
I will move code specific to eclipse link to the dedicated jpa/eclipselink package are you okay with that?

persistence.xml shouldn't be in wsmaster/che-core-api-user/src/main/resources/META-INF/
it's part of the final assembly as it's where we select the persistence provider, and the database

okay thank you, i am using it for test purposes only, so i will remove it from there.

Using container managed instead of JavaSE would have helped as here you've to managed transaction instead of only using annotations
Using an autocloseable (or an interceptor like it's done in container managed world) should help to avoid to have tons of lines doing. Then you could pickup the transaction strategy (REQUIRED, REQUIRES_NEW, etc)

We will use this annotation, i will introduce it with next pull request, right now alot of things depend on this pull request that's why we decided to merge it asap which allows me and guys to work on jpa implementations separately.

@benoitf
Copy link
Contributor

benoitf commented Jun 29, 2016

If there are password encryptors, why they're not part of a separated commits as it's not linked to JPA ?

np, i will extract ecnryptors code to the different commit.

thx

why the wheel has been re-invented with TCK modules ? while people are using Arquilian when testing JPA ? http://arquillian.org/guides/testing_java_persistence

Current TCK approach allows us use the same tests for different implementations Local/Ldap/Jpa.
Can Arquilian resolve this?

It allows to test with different JPA providers and different database as well
also it's a Container Agnostic framework and allow plugability.

che-core-api-jdbc-vendor-h2 the name is not obvious as it links the module to EclipseLink, while JPA allow to plug any persistence provider. so it should include that it's specific to eclipselink and is not "jdbc" neutral

che-core-api-jdbc module contains common error codes and error codes mapper astraction used by >daos, che-core-api-jdbc-vendor-h2 provides an implementation of error codes mapper specific for h2, >while error codes are jdbc errors.
I will move code specific to eclipse link to the dedicated jpa/eclipselink package are you okay with >that?

sure

persistence.xml shouldn't be in wsmaster/che-core-api-user/src/main/resources/META-INF/
it's part of the final assembly as it's where we select the persistence provider, and the database

okay thank you, i am using it for test purposes only, so i will remove it from there.

ok

Using container managed instead of JavaSE would have helped as here you've to managed >>transaction instead of only using annotations
Using an autocloseable (or an interceptor like it's done in container managed world) should help to >>avoid to have tons of lines doing. Then you could pickup the transaction strategy (REQUIRED, >>REQUIRES_NEW, etc)

We will use this annotation, i will introduce it with >next pull request, right now alot of things depend on this pull request that's why we decided to merge it >asap which allows me and guys to work on jpa implementations separately.

Yes this Guice stuff or better, CDI, which offer more stuff around Java EE component will allow more possibilities around PersistenceContext

@codenvy-ci
Copy link

Build success. http://ci.codenvy-dev.com/jenkins/job/che-pullrequests-build/1056/

garagatyi
garagatyi reviewed Jun 30, 2016
View reviewed changes
core/che-core-api-core/src/main/java/org/eclipse/che/security/PBKDF2PasswordEncryptor.java
final Integer iterations = tryParse(firstNonNull(matcher.group("iterations"), ""));
final String salt = matcher.group("saltHash");
final String pwdHash = matcher.group("pwdHash");
if (salt == null || iterations == null || iterations <= 0 || pwdHash == null) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Encrypted password matches regexp and regexp require 1+ symbols in each group. It looks like NULL checks are not needed.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean salt and pwdHash

@codenvy-ci
Copy link

Build success. http://ci.codenvy-dev.com/jenkins/job/che-pullrequests-build/1083/

@voievodin
Copy link
Contributor Author

Pull request updated, @benoitf @skabashnyuk please check

garagatyi
garagatyi reviewed Jul 1, 2016
View reviewed changes
core/che-core-api-core/src/main/java/org/eclipse/che/security/PBKDF2PasswordEncryptor.java
return false;
}
// retrieve salt, password hash and iterations count from hash
final Integer iterations = tryParse(firstNonNull(matcher.group("iterations"), ""));
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think group can't be Null in that case

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, thank you!

@benoitf
Copy link
Contributor

benoitf commented Jul 1, 2016

ok

@skabashnyuk
Copy link
Contributor

ok

@garagatyi
Copy link

LGTM

@codenvy-ci
Copy link

Build # 1091 - FAILED

Please check console output at http://ci.codenvy-dev.com/jenkins/job/che-pullrequests-build/1091/ to view the results.

@voievodin voievodin merged commit 47afe20 into jpa-integration Jul 1, 2016
@voievodin voievodin deleted the user-jpa branch July 1, 2016 14:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@voievodin @benoitf @codenvy-ci @skabashnyuk @garagatyi @sleshchenko