Revision 3355
Added by Jing Tao over 16 years ago
| QuerySpecification.java | ||
|---|---|---|
| 794 | 794 |
return queryString.toString(); |
| 795 | 795 |
} |
| 796 | 796 |
|
| 797 |
/** |
|
| 798 |
* This sql command will selecet startnodeid and endnodeid that user can |
|
| 799 |
* NOT access |
|
| 800 |
*/ |
|
| 801 |
/*public String printAccessControlSQLForReturnField(String doclist) |
|
| 802 |
{
|
|
| 803 |
StringBuffer sql = new StringBuffer(); |
|
| 804 |
String allowString = constructAllowString(); |
|
| 805 |
String denyString = constructDenyString(); |
|
| 806 |
sql.append("SELECT distinct startnodeid, endnodeid from xml_access ");
|
|
| 807 |
sql.append("WHERE docid in (");
|
|
| 808 |
sql.append(doclist); |
|
| 809 |
sql.append(") AND startnodeid IS NOT NULL AND ");
|
|
| 810 |
sql.append("(");
|
|
| 811 |
sql.append("(");
|
|
| 812 |
sql |
|
| 813 |
.append("startnodeid NOT IN (SELECT startnodeid from xml_access, xml_documents ");
|
|
| 814 |
sql.append(" WHERE xml_access.docid = xml_documents.docid");
|
|
| 815 |
sql.append(" AND lower(xml_documents.user_owner) ='");
|
|
| 816 |
sql.append(userName); |
|
| 817 |
sql.append("' AND xml_access.startnodeid IS NOT NULL)");
|
|
| 818 |
sql.append(")");
|
|
| 819 |
sql.append(" AND ");
|
|
| 820 |
sql.append("(");
|
|
| 821 |
sql |
|
| 822 |
.append("(startnodeid NOT IN (SELECT startnodeid from xml_access where( ");
|
|
| 823 |
sql.append(allowString); |
|
| 824 |
sql.append(") AND (startnodeid IS NOT NULL))");
|
|
| 825 |
sql.append(")");
|
|
| 826 |
sql |
|
| 827 |
.append(" OR (startnodeid IN (SELECT startnodeid from xml_access where( ");
|
|
| 828 |
sql.append(denyString); |
|
| 829 |
sql.append(") AND (startnodeid IS NOT NULL))");
|
|
| 830 |
sql.append(")");
|
|
| 831 |
sql.append(")");
|
|
| 832 |
sql.append(")");
|
|
| 833 |
logMetacat.info("accessControlSQLForReturnField: "
|
|
| 834 |
+ sql.toString()); |
|
| 835 |
return sql.toString(); |
|
| 836 |
}*/ |
|
| 797 |
|
|
| 837 | 798 |
|
| 838 | 799 |
/** |
| 839 | 800 |
* This method prints sql based upon the <returnfield> tag in the |
| ... | ... | |
| 901 | 862 |
* @param unaccessableNodePair the node pairs (start id and end id) |
| 902 | 863 |
* which this user should not access |
| 903 | 864 |
*/ |
| 904 |
public String printExtendedSQL(String doclist)
|
|
| 865 |
private String printExtendedSQL(String doclist)
|
|
| 905 | 866 |
{
|
| 906 | 867 |
logMetacat.info("querySpecification.printExtendedSQL called\n");
|
| 907 | 868 |
StringBuffer self = new StringBuffer(); |
| 869 |
Vector elementVector = new Vector(); |
|
| 870 |
Vector attributeVector = new Vector(); |
|
| 908 | 871 |
|
| 909 | 872 |
boolean usePathIndex = true; |
| 910 | 873 |
|
| ... | ... | |
| 914 | 877 |
} |
| 915 | 878 |
|
| 916 | 879 |
for (int i = 0; i < returnFieldList.size(); i++) {
|
| 917 |
if(!MetaCatUtil.pathsForIndexing.contains |
|
| 918 |
(returnFieldList.elementAt(i))){
|
|
| 919 |
usePathIndex = false; |
|
| 920 |
break; |
|
| 880 |
String path = (String)returnFieldList.elementAt(i); |
|
| 881 |
if (path != null && path.contains(ATTRIBUTESYMBOL)) |
|
| 882 |
{
|
|
| 883 |
attributeVector.add(path); |
|
| 884 |
} |
|
| 885 |
else |
|
| 886 |
{
|
|
| 887 |
elementVector.add(path); |
|
| 888 |
} |
|
| 889 |
if(!MetaCatUtil.pathsForIndexing.contains(path)){
|
|
| 890 |
usePathIndex = false; |
|
| 921 | 891 |
} |
| 892 |
|
|
| 922 | 893 |
} |
| 894 |
// check if has return field |
|
| 895 |
if (elementVector.size() == 0 && attributeVector.size()==0) |
|
| 896 |
{
|
|
| 897 |
return null; |
|
| 898 |
} |
|
| 923 | 899 |
|
| 924 | 900 |
if(usePathIndex){
|
| 925 | 901 |
self.append("select docid, path, nodedata, parentnodeid ");
|
| 926 |
self.append("from xml_path_index where (path like '");
|
|
| 902 |
self.append("from xml_path_index where path in( '");
|
|
| 927 | 903 |
|
| 928 | 904 |
boolean firstfield = true; |
| 929 | 905 |
//put the returnfields into the query |
| ... | ... | |
| 935 | 911 |
self.append("' ");
|
| 936 | 912 |
} |
| 937 | 913 |
else {
|
| 938 |
self.append("or path like '");
|
|
| 914 |
self.append(", '");
|
|
| 939 | 915 |
self.append( (String) returnFieldList.elementAt(i)); |
| 940 | 916 |
self.append("' ");
|
| 941 | 917 |
} |
| ... | ... | |
| 947 | 923 |
} else {
|
| 948 | 924 |
self.append("select xml_nodes.docid, xml_index.path, xml_nodes.nodedata, ");
|
| 949 | 925 |
self.append("xml_nodes.parentnodeid ");
|
| 950 |
self.append("from xml_index, xml_nodes where xml_index.nodeid=");
|
|
| 951 |
self.append("xml_nodes.parentnodeid and (xml_index.path like '");
|
|
| 926 |
self.append("FROM xml_index, xml_nodes WHERE (");
|
|
| 927 |
|
|
| 952 | 928 |
|
| 953 |
boolean firstfield = true; |
|
| 929 |
boolean firstElement = true; |
|
| 930 |
boolean firstAttribute = true; |
|
| 954 | 931 |
//put the returnfields into the query |
| 955 | 932 |
//the for loop allows for multiple fields |
| 956 |
for (int i = 0; i < returnFieldList.size(); i++) {
|
|
| 957 |
if (firstfield) {
|
|
| 958 |
firstfield = false; |
|
| 959 |
self.append((String) returnFieldList.elementAt(i)); |
|
| 960 |
self.append("' ");
|
|
| 961 |
} else {
|
|
| 962 |
self.append("or xml_index.path like '");
|
|
| 963 |
self.append((String) returnFieldList.elementAt(i)); |
|
| 964 |
self.append("' ");
|
|
| 965 |
} |
|
| 933 |
if (elementVector.size() != 0) |
|
| 934 |
{
|
|
| 935 |
for (int i = 0; i < elementVector.size(); i++) {
|
|
| 936 |
String path = (String) elementVector.elementAt(i); |
|
| 937 |
if (firstElement) {
|
|
| 938 |
firstElement = false; |
|
| 939 |
self.append(" (xml_index.nodeid=xml_nodes.parentnodeid AND xml_index.path IN ('");
|
|
| 940 |
self.append(path); |
|
| 941 |
self.append("'");
|
|
| 942 |
} |
|
| 943 |
else |
|
| 944 |
{
|
|
| 945 |
self.append(", '");
|
|
| 946 |
self.append(path); |
|
| 947 |
self.append("' ");
|
|
| 948 |
} |
|
| 949 |
} |
|
| 950 |
self.append(") AND xml_nodes.nodetype = 'TEXT')");
|
|
| 966 | 951 |
} |
| 952 |
|
|
| 953 |
if (attributeVector.size() != 0) |
|
| 954 |
{
|
|
| 955 |
for (int j=0; j<attributeVector.size(); j++) |
|
| 956 |
{
|
|
| 957 |
String path = (String) attributeVector.elementAt(j); |
|
| 958 |
if (firstAttribute) |
|
| 959 |
{
|
|
| 960 |
firstAttribute = false; |
|
| 961 |
if (!firstElement) |
|
| 962 |
{
|
|
| 963 |
self.append(" OR ");
|
|
| 964 |
} |
|
| 965 |
self.append(" (xml_index.nodeid=xml_nodes.nodeid AND ( xml_index.path IN ( '");
|
|
| 966 |
self.append(path); |
|
| 967 |
self.append("'");
|
|
| 968 |
} |
|
| 969 |
else |
|
| 970 |
{
|
|
| 971 |
self.append(", '");
|
|
| 972 |
self.append(path); |
|
| 973 |
self.append("' ");
|
|
| 974 |
} |
|
| 975 |
} |
|
| 976 |
self.append(") AND xml_nodes.nodetype = 'ATTRIBUTE'))");
|
|
| 977 |
} |
|
| 978 |
|
|
| 979 |
|
|
| 967 | 980 |
self.append(") AND xml_nodes.docid in (");
|
| 968 | 981 |
self.append(doclist); |
| 969 |
self.append(") AND xml_nodes.nodetype = 'TEXT'");
|
|
| 982 |
self.append(")");
|
|
| 970 | 983 |
|
| 971 | 984 |
} |
| 972 | 985 |
|
| 973 |
//addAccessRestrictionSQL(unaccessableNodePair, self); |
|
| 974 |
|
|
| 975 | 986 |
return self.toString(); |
| 976 | 987 |
} |
| 977 | 988 |
|
| ... | ... | |
| 1022 | 1033 |
} |
| 1023 | 1034 |
|
| 1024 | 1035 |
|
| 1025 |
/** |
|
| 1026 |
* Create the SQl necessary to restrict access to allowed nodes. This is |
|
| 1027 |
* accomplished by restricting the nodes that are returned to include |
|
| 1028 |
* only those whose IDs fall outside of a set of start/stop pairs of |
|
| 1029 |
* nodeid values. These pairs are passed in as a hash, with the key |
|
| 1030 |
* containing the start nodeid and the value containing the end nodeid. |
|
| 1031 |
* Any nodes between these start and end nodeid values will be excluded |
|
| 1032 |
* from the results. |
|
| 1033 |
* |
|
| 1034 |
* @param unaccessableNodePair hash of start/end nodeid pairs to restrict |
|
| 1035 |
* @param self a stringbuffer to which the genrated SQL is appended |
|
| 1036 |
*/ |
|
| 1037 |
/*private void addAccessRestrictionSQL(Hashtable unaccessableNodePair, |
|
| 1038 |
StringBuffer self) |
|
| 1039 |
{
|
|
| 1040 |
// add control part for extended query |
|
| 1041 |
Enumeration en = unaccessableNodePair.keys(); |
|
| 1036 |
|
|
| 1042 | 1037 |
|
| 1043 |
while (en.hasMoreElements()) {
|
|
| 1044 |
// Get control pairs in object |
|
| 1045 |
Long startNodeIdObject = (Long) en.nextElement(); |
|
| 1046 |
Long endNodeIdObject = (Long) unaccessableNodePair |
|
| 1047 |
.get(startNodeIdObject); |
|
| 1048 |
// change it to long |
|
| 1049 |
long startNodeId = startNodeIdObject.longValue(); |
|
| 1050 |
long endNodeId = endNodeIdObject.longValue(); |
|
| 1051 |
// add into query |
|
| 1052 |
self.append(" AND ( xml_nodes.nodeid < ");
|
|
| 1053 |
self.append(startNodeId); |
|
| 1054 |
self.append(" OR xml_nodes.nodeid > ");
|
|
| 1055 |
self.append(endNodeId); |
|
| 1056 |
self.append(")");
|
|
| 1057 |
} |
|
| 1058 |
}*/ |
|
| 1059 | 1038 |
|
| 1060 |
|
|
| 1061 |
|
|
| 1062 |
|
|
| 1063 |
|
|
| 1064 | 1039 |
public static String printRelationSQL(String docid) |
| 1065 | 1040 |
{
|
| 1066 | 1041 |
StringBuffer self = new StringBuffer(); |
Also available in: Unified diff
Fixed bug that searching for parameters.