Project

General

Profile

« Previous | Next » 

Revision 3313

Added by Jing Tao over 17 years ago

Revised the access query part.

View differences:

src/edu/ucsb/nceas/metacat/QuerySpecification.java
271 271
    private String constructAllowString()
272 272
    {
273 273
        String allowQuery = "";
274
        // add allow rule for user name
275
        if (userName != null && !userName.equals("")) {
276
            allowQuery = allowQuery + "(lower(principal_name) = '" + userName
277
                    + "' AND perm_type = 'allow'"
278
                    + " AND (permission='4' OR permission='5' " 
279
                    + "OR permission='6' OR permission='7'))";
274
        
275
       // add public
276
        allowQuery = "(lower(principal_name) = '" + PUBLIC
277
                + "'";
278
                
279
        // add user name
280
        if (userName != null && !userName.equals("") && !userName.equalsIgnoreCase(PUBLIC)) {
281
            allowQuery = allowQuery + "OR lower(principal_name) = '" + userName +"'";
282
                    
280 283
        }
281
        // add allow rule for public
282
        allowQuery = allowQuery + "OR (lower(principal_name) = '" + PUBLIC
283
                + "' AND perm_type = 'allow'"
284
                + " AND (permission='4' OR permission='5' " 
285
                + "OR permission='6' OR permission='7'))";
286

  
287
        // add allow rule for group
284
        // add  group
288 285
        if (group != null) {
289 286
            for (int i = 0; i < group.length; i++) {
290 287
                String groupUint = group[i];
291 288
                if (groupUint != null && !groupUint.equals("")) {
292 289
                    groupUint = groupUint.toLowerCase();
293
                    allowQuery = allowQuery + " OR (lower(principal_name) = '"
294
                            + groupUint + "' AND perm_type = 'allow'"
295
                	    + " AND (permission='4' OR permission='5' " 
296
                            + "OR permission='6' OR permission='7'))";
290
                    allowQuery = allowQuery + " OR lower(principal_name) = '"
291
                            + groupUint + "'";
297 292
                }//if
298 293
            }//for
299 294
        }//if
295
        // add allow rule
296
        allowQuery = allowQuery + ") AND perm_type = 'allow'" + " AND permission > 3";
300 297
        logMetacat.info("allow string is: " + allowQuery);
301 298
        return allowQuery;
302 299
    }
......
321 318
    private String constructDenyString()
322 319
    {
323 320
        String denyQuery = "";
324
        // add deny rule for user name
325
        if (userName != null && !userName.equals("")) {
326
            denyQuery = denyQuery + "(lower(principal_name) = '" + userName
327
                    + "' AND perm_type = 'deny' "
328
                    + "AND perm_order ='allowFirst'"
329
                    + " AND (permission='4' OR permission='5' " 
330
                    + "OR permission='6' OR permission='7'))";
331
        }
332
        // add deny rule for public
333
        denyQuery = denyQuery + "OR (lower(principal_name) = '" + PUBLIC
334
                + "' AND perm_type = 'deny' " + "AND perm_order ='allowFirst'"
335
                + " AND (permission='4' OR permission='5' " 
336
                + "OR permission='6' OR permission='7'))";
337

  
338
        // add allow rule for group
339
        if (group != null) {
340
            for (int i = 0; i < group.length; i++) {
341
                String groupUint = group[i];
342
                if (groupUint != null && !groupUint.equals("")) {
343
                    groupUint = groupUint.toLowerCase();
344
                    denyQuery = denyQuery + " OR (lower(principal_name) = '"
345
                            + groupUint + "' AND perm_type = 'deny' "
346
                            + "AND perm_order ='allowFirst'"
347
                	    + " AND (permission='4' OR permission='5' " 
348
                            + "OR permission='6' OR permission='7'))";
349
                }//if
350
            }//for
351
        }//if
352
        return denyQuery;
321
         
322
        // add public
323
        denyQuery = "(lower(principal_name) = '" + PUBLIC
324
                 + "'";
325
                 
326
         // add user name
327
         if (userName != null && !userName.equals("") && !userName.equalsIgnoreCase(PUBLIC)) {
328
        	 denyQuery = denyQuery + "OR lower(principal_name) = '" + userName +"'";
329
                     
330
         }
331
         // add  groups
332
         if (group != null) {
333
             for (int i = 0; i < group.length; i++) {
334
                 String groupUint = group[i];
335
                 if (groupUint != null && !groupUint.equals("")) {
336
                     groupUint = groupUint.toLowerCase();
337
                     denyQuery = denyQuery + " OR lower(principal_name) = '"
338
                             + groupUint + "'";
339
                 }//if
340
             }//for
341
         }//if
342
         // add deny rules
343
         denyQuery = denyQuery + ") AND perm_type = 'deny'" +  " AND perm_order ='allowFirst'" +" AND permission > 3";
344
         logMetacat.info("allow string is: " + denyQuery);
345
         return denyQuery;
346
        
353 347
    }
354 348

  
355 349
    /**
......
365 359
        String onwer = createOwerQuery();
366 360
        String allow = createAllowRuleQuery();
367 361
        String deny = createDenyRuleQuery();
362
        //logMetacat.warn("onwer " +onwer);
363
        //logMetacat.warn("allow "+allow);
364
        //logMetacat.warn("deny "+deny);
368 365
        if (onwer != null)
369 366
        {
370 367
          accessQuery = " AND (docid IN(" + onwer + ")";
......
376 373
        	accessQuery = " AND (docid IN (" + allow + ")"
377 374
                + " AND docid NOT IN (" + deny + "))";
378 375
        }
379
        logMetacat.info("accessquery is: " + accessQuery);
376
        logMetacat.warn("accessquery is: " + accessQuery);
380 377
        return accessQuery;
381 378
    }
382 379

  

Also available in: Unified diff