Revision 5098
Added by daigle over 14 years ago
| PermissionController.java | ||
|---|---|---|
| 55 | 55 |
// access for this docid |
| 56 | 56 |
private Vector subTreeList = new Vector(); |
| 57 | 57 |
|
| 58 |
private long TOPLEVELSTARTNODEID = 0; //if start node is 0, means it is top |
|
| 58 |
private static final long TOPLEVELSTARTNODEID = 0; //if start node is 0, means it is top
|
|
| 59 | 59 |
//level document |
| 60 | 60 |
|
| 61 | 61 |
private static Logger logMetacat = Logger.getLogger(PermissionController.class); |
| ... | ... | |
| 663 | 663 |
|
| 664 | 664 |
}//isAllowFirst |
| 665 | 665 |
|
| 666 |
/** |
|
| 667 |
* Check if the permission order for user at that documents is allowFirst |
|
| 668 |
* @param principals, list of names of principals to check for |
|
| 669 |
* @param docid, document identifier to check for |
|
| 670 |
*/ |
|
| 671 |
public Vector<AccessControlForSingleFile> getAccessControl() |
|
| 672 |
throws SQLException, Exception |
|
| 673 |
{
|
|
| 674 |
Vector<AccessControlForSingleFile> accessControl = new Vector<AccessControlForSingleFile>(); |
|
| 675 |
boolean hasRow; |
|
| 676 |
PreparedStatement pStmt = null; |
|
| 677 |
DBConnection conn = null; |
|
| 678 |
int serialNumber = -1; |
|
| 679 |
String sql = null; |
|
| 680 |
boolean topLever =false; |
|
| 681 |
sql = "SELECT principal_name, permission, perm_type, perm_order FROM xml_access "; |
|
| 682 |
|
|
| 683 |
//TODO, need this? |
|
| 684 |
long startId = 0; |
|
| 685 |
if (startId == TOPLEVELSTARTNODEID) |
|
| 686 |
{
|
|
| 687 |
//top level |
|
| 688 |
topLever = true; |
|
| 689 |
sql += "WHERE docid = ? AND startnodeid is NULL"; |
|
| 690 |
} |
|
| 691 |
else |
|
| 692 |
{
|
|
| 693 |
//sub tree level |
|
| 694 |
sql += "WHERE docid = ? AND startnodeid = ?"; |
|
| 695 |
} |
|
| 696 |
|
|
| 697 |
try |
|
| 698 |
{
|
|
| 699 |
//check out DBConnection |
|
| 700 |
conn=DBConnectionPool.getDBConnection("AccessControlList.getPermissions");
|
|
| 701 |
serialNumber=conn.getCheckOutSerialNumber(); |
|
| 702 |
|
|
| 703 |
//select permission order from database |
|
| 704 |
pStmt = conn.prepareStatement(sql); |
|
| 705 |
|
|
| 706 |
//bind value |
|
| 707 |
pStmt.setString(1, docId);//docid |
|
| 708 |
|
|
| 709 |
// if subtree, we need set subtree id |
|
| 710 |
if (!topLever) |
|
| 711 |
{
|
|
| 712 |
pStmt.setLong(2, startId); |
|
| 713 |
} |
|
| 714 |
|
|
| 715 |
pStmt.execute(); |
|
| 716 |
ResultSet rs = pStmt.getResultSet(); |
|
| 717 |
while (rs.next()) |
|
| 718 |
{
|
|
| 719 |
//get the permission order from data base |
|
| 720 |
String principalName=rs.getString(1); |
|
| 721 |
String permission=rs.getString(2); |
|
| 722 |
String permType=rs.getString(3); |
|
| 723 |
String permOrder=rs.getString(4); |
|
| 724 |
|
|
| 725 |
//translate to string version |
|
| 726 |
String myPermission = AccessControlList.txtValue(Integer.parseInt(permission)); |
|
| 727 |
|
|
| 728 |
//make it into an object |
|
| 729 |
AccessControlForSingleFile acfsf = |
|
| 730 |
new AccessControlForSingleFile(docId, principalName, myPermission, permType, permOrder); |
|
| 731 |
accessControl.add(acfsf); |
|
| 732 |
} |
|
| 733 |
pStmt.close(); |
|
| 734 |
}//try |
|
| 735 |
catch (SQLException e) |
|
| 736 |
{
|
|
| 737 |
throw e; |
|
| 738 |
} |
|
| 739 |
finally |
|
| 740 |
{
|
|
| 741 |
try |
|
| 742 |
{
|
|
| 743 |
pStmt.close(); |
|
| 744 |
} |
|
| 745 |
finally |
|
| 746 |
{
|
|
| 747 |
DBConnectionPool.returnDBConnection(conn, serialNumber); |
|
| 748 |
} |
|
| 749 |
} |
|
| 750 |
|
|
| 751 |
return accessControl; |
|
| 752 |
|
|
| 753 |
}//getPermissions |
|
| 754 |
|
|
| 755 | 666 |
/** |
| 756 | 667 |
* Check if the users array has allow rules for given users, docid and |
| 757 | 668 |
* permission. |
Also available in: Unified diff
change AccessControlForSingleFile to only be instantiated for one file. move ACL methods to AccessControlForSingleFile. Change format of access sections returned to EML 2.1.0.