SAK-28186 Concurrent hits to DA from the same session can consume CPU

git-svn-id: https://source.sakaiproject.org/svn/delegatedaccess/trunk@316020 66ffb92e-73f9-0310-93c1-f5514f145a0a
gexingfeiyang · Dec 15, 2014 · d9cd440 · d9cd440
1 parent 735daff
commit d9cd440
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 22 deletions.
diff --git a/...ccess/impl/src/java/org/sakaiproject/delegatedaccess/dao/impl/DelegatedAccessDaoImpl.java b/...ccess/impl/src/java/org/sakaiproject/delegatedaccess/dao/impl/DelegatedAccessDaoImpl.java
@@ -144,14 +144,17 @@ public Map<String, List<String>> getNodesBySiteRef(String[] siteRefs, String hie
 				String query = getStatement("select.hierarchyNode");
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'"; //escape apostrophe
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
-				query = query.replace("(?)", inParams);
-				List<String[]> results =  (List<String[]>) getJdbcTemplate().query(query, new Object[]{hierarchyId}, new RowMapper() {
+				query = query.replace("(?)", inParams);				
+				List<String> parameters = new ArrayList<String>();
+				parameters.add(hierarchyId);
+				parameters.addAll(Arrays.asList(subSiteRefs));
+				List<String[]> results =  (List<String[]>) getJdbcTemplate().query(query, parameters.toArray(), new RowMapper() {
 
 					public Object mapRow(ResultSet resultSet, int i) throws SQLException {
 						return new String[]{resultSet.getString("title"), resultSet.getString("ID")};
@@ -253,14 +256,17 @@ public void removeSiteProperty(String[] siteIds, String propertyName){
 
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
-				query1 = query1.replace("(?)", inParams);
-				getJdbcTemplate().update(query1, new Object[]{propertyName});
+				query1 = query1.replace("(?)", inParams);		
+				List<String> parameters = new ArrayList<String>();
+				parameters.add(propertyName);
+				parameters.addAll(Arrays.asList(subSiteRefs));
+				getJdbcTemplate().update(query1, parameters.toArray());
 				subArrayIndex = subArrayIndex + subArraySize;
 			}while(subArrayIndex < siteIds.length);
 		}catch (DataAccessException ex) {
@@ -418,14 +424,17 @@ public Map<String, Set<String>> getNodesAndPermsForUser(String userId, String[]
 				String query = getStatement("select.nodes.and.perms.for.user");
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
-				query = query.replace("(?)", inParams);
-				List<String[]> results =  (List<String[]>) getJdbcTemplate().query(query, new Object[]{userId}, new RowMapper() {
+				query = query.replace("(?)", inParams);		
+				List<String> parameters = new ArrayList<String>();
+				parameters.add(userId);
+				parameters.addAll(Arrays.asList(subSiteRefs));				
+				List<String[]> results =  (List<String[]>) getJdbcTemplate().query(query, parameters.toArray(), new RowMapper() {
 
 					public Object mapRow(ResultSet resultSet, int i) throws SQLException {
 						return new String[]{resultSet.getString("NODEID"), resultSet.getString("PERMISSION")};
@@ -474,14 +483,14 @@ public List<String> findActiveSites(String[] siteIds){
 				String query = getStatement("select.activeSites");
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
 				query = query.replace("(?)", inParams);
-				List<String> results =  (List<String>) getJdbcTemplate().query(query, new RowMapper() {
+				List<String> results =  (List<String>) getJdbcTemplate().query(query,subSiteRefs,new RowMapper() {
 					public Object mapRow(ResultSet resultSet, int i) throws SQLException {
 						return resultSet.getString("SITE_ID");
 					}
@@ -518,16 +527,16 @@ public void removeAnonAndAuthRoles(String[] siteRefs){
 
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
 				query1 = query1.replace("(?)", inParams);
 				query2 = query2.replace("(?)", inParams);
-				getJdbcTemplate().update(query1);
-				getJdbcTemplate().update(query2);
+				getJdbcTemplate().update(query1,subSiteRefs);
+				getJdbcTemplate().update(query2,subSiteRefs);
 				subArrayIndex = subArrayIndex + subArraySize;
 			}while(subArrayIndex < siteRefs.length);
 		}catch (DataAccessException ex) {
@@ -553,16 +562,24 @@ public void copyRole(String fromRealm, String fromRole, String[] toRealm, String
 
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
 				query1 = query1.replace("(?)", inParams);
 				query2 = query2.replace("(?)", inParams);
-				getJdbcTemplate().update(query1, new Object[]{fromRealm, fromRole, toRole});
-				getJdbcTemplate().update(query2, new Object[]{toRole});
+				List<String> parameters1 = new ArrayList<String>();
+				parameters1.addAll(Arrays.asList(subSiteRefs));
+				parameters1.add(fromRealm);
+				parameters1.add(fromRole);
+				parameters1.add(toRole);				
+				List<String> parameters2 = new ArrayList<String>();
+				parameters2.addAll(Arrays.asList(subSiteRefs));
+				parameters2.add(toRole);
+				getJdbcTemplate().update(query1, parameters1.toArray());
+				getJdbcTemplate().update(query2, parameters2.toArray());
 				subArrayIndex = subArrayIndex + subArraySize;
 			}while(subArrayIndex < toRealm.length);
 		}catch (DataAccessException ex) {
@@ -601,14 +618,14 @@ public List<String> getSitesWithDelegatedAccessTool(String[] siteIds){
 				String query = getStatement("select.delegatedaccess.user.hasworkspacetool");
 				String inParams = "(";
 				for(int i = 0; i < subSiteRefs.length; i++){
-					inParams += "'" + subSiteRefs[i].replace("'", "''") + "'";
+					inParams += "?";
 					if(i < subSiteRefs.length - 1){
 						inParams += ",";
 					}
 				}
 				inParams += ")";
 				query = query.replace("(?)", inParams);
-				List<String> results =  (List<String>) getJdbcTemplate().query(query, new RowMapper() {
+				List<String> results =  (List<String>) getJdbcTemplate().query(query, subSiteRefs, new RowMapper() {
 					public Object mapRow(ResultSet resultSet, int i) throws SQLException {
 						return resultSet.getString("SITE_ID");
 					}

diff --git a/delegatedaccess/impl/src/java/org/sakaiproject/delegatedaccess/logic/ProjectLogicImpl.java b/delegatedaccess/impl/src/java/org/sakaiproject/delegatedaccess/logic/ProjectLogicImpl.java
@@ -23,6 +23,7 @@
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.Date;
+import java.util.concurrent.ConcurrentHashMap;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -1769,7 +1770,7 @@ private Map<String, AccessNode> grantAccessToSites(List<String> siteRefs, boolea
 		if(useSession){
 			session = sakaiProxy.getCurrentSession();
 		}
-		Map<String, String[]> deniedAuthToolsMap = new HashMap<String, String[]>();
+		Map<String, String[]> deniedAuthToolsMap = new ConcurrentHashMap<String, String[]>();
 		if(useSession){
 			//only worry about the session for non shopping period queries
 			Object sessionDeniedToolsMap = session.getAttribute(DelegatedAccessConstants.SESSION_ATTRIBUTE_DENIED_TOOLS);
@@ -1778,7 +1779,7 @@ private Map<String, AccessNode> grantAccessToSites(List<String> siteRefs, boolea
 			}
 		}
 
-		Map<String, String[]> deniedPublicToolsMap = new HashMap<String, String[]>();
+		Map<String, String[]> deniedPublicToolsMap = new ConcurrentHashMap<String, String[]>();
 		if(useSession){
 			//only worry about the session for non shopping period queries
 			Object sessionDeniedTools2Map = session.getAttribute(DelegatedAccessConstants.SESSION_ATTRIBUTE_DENIED_TOOLS2);
@@ -1787,7 +1788,7 @@ private Map<String, AccessNode> grantAccessToSites(List<String> siteRefs, boolea
 			}
 		}
 
-		Map<String, String[]> accessMap = new HashMap<String, String[]>();
+		Map<String, String[]> accessMap = new ConcurrentHashMap<String, String[]>();
 		if(useSession){
 			//only worry about the session for non shopping period queries
 			Object sessionaccessMap = session.getAttribute(DelegatedAccessConstants.SESSION_ATTRIBUTE_ACCESS_MAP);