Revision 1453
Added by Jing Tao over 21 years ago
| QuerySpecification.java | ||
|---|---|---|
| 716 | 716 |
|
| 717 | 717 |
/** This sql command will selecet startnodeid and endnodeid that user can NOT |
| 718 | 718 |
* access |
| 719 |
*/ |
|
| 719 |
*/
|
|
| 720 | 720 |
public String printAccessControlSQLForReturnField(String doclist) |
| 721 | 721 |
{
|
| 722 | 722 |
StringBuffer sql = new StringBuffer(); |
| ... | ... | |
| 727 | 727 |
sql.append(doclist); |
| 728 | 728 |
sql.append(") AND startnodeid IS NOT NULL AND ");
|
| 729 | 729 |
sql.append("(");
|
| 730 |
sql.append("(");
|
|
| 731 |
sql.append("startnodeid NOT IN (SELECT startnodeid from xml_access, xml_documents ");
|
|
| 732 |
sql.append(" WHERE xml_access.docid = xml_documents.docid");
|
|
| 733 |
sql.append(" AND xml_documents.user_owner ='");
|
|
| 734 |
sql.append(userName); |
|
| 735 |
sql.append("')");
|
|
| 736 |
sql.append(")");
|
|
| 737 |
sql.append(" AND ");
|
|
| 738 |
sql.append("(");
|
|
| 730 | 739 |
sql.append("(startnodeid NOT IN (SELECT startnodeid from xml_access where ");
|
| 731 | 740 |
sql.append(allowString); |
| 732 | 741 |
sql.append(")");
|
| ... | ... | |
| 736 | 745 |
sql.append(")");
|
| 737 | 746 |
sql.append(")");
|
| 738 | 747 |
sql.append(")");
|
| 748 |
sql.append(")");
|
|
| 739 | 749 |
MetaCatUtil.debugMessage("accessControlSQLForReturnField: " +
|
| 740 | 750 |
sql.toString(), 30); |
| 741 | 751 |
return sql.toString(); |
Also available in: Unified diff
Revise the sql for access control for return fields.