Revision 1453
Added by Jing Tao almost 22 years ago
src/edu/ucsb/nceas/metacat/QuerySpecification.java | ||
---|---|---|
716 | 716 |
|
717 | 717 |
/** This sql command will selecet startnodeid and endnodeid that user can NOT |
718 | 718 |
* access |
719 |
*/ |
|
719 |
*/
|
|
720 | 720 |
public String printAccessControlSQLForReturnField(String doclist) |
721 | 721 |
{ |
722 | 722 |
StringBuffer sql = new StringBuffer(); |
... | ... | |
727 | 727 |
sql.append(doclist); |
728 | 728 |
sql.append(") AND startnodeid IS NOT NULL AND "); |
729 | 729 |
sql.append("("); |
730 |
sql.append("("); |
|
731 |
sql.append("startnodeid NOT IN (SELECT startnodeid from xml_access, xml_documents "); |
|
732 |
sql.append(" WHERE xml_access.docid = xml_documents.docid"); |
|
733 |
sql.append(" AND xml_documents.user_owner ='"); |
|
734 |
sql.append(userName); |
|
735 |
sql.append("')"); |
|
736 |
sql.append(")"); |
|
737 |
sql.append(" AND "); |
|
738 |
sql.append("("); |
|
730 | 739 |
sql.append("(startnodeid NOT IN (SELECT startnodeid from xml_access where "); |
731 | 740 |
sql.append(allowString); |
732 | 741 |
sql.append(")"); |
... | ... | |
736 | 745 |
sql.append(")"); |
737 | 746 |
sql.append(")"); |
738 | 747 |
sql.append(")"); |
748 |
sql.append(")"); |
|
739 | 749 |
MetaCatUtil.debugMessage("accessControlSQLForReturnField: " + |
740 | 750 |
sql.toString(), 30); |
741 | 751 |
return sql.toString(); |
Also available in: Unified diff
Revise the sql for access control for return fields.