Revision 5098
Added by daigle over 14 years ago
PermissionController.java | ||
---|---|---|
55 | 55 |
// access for this docid |
56 | 56 |
private Vector subTreeList = new Vector(); |
57 | 57 |
|
58 |
private long TOPLEVELSTARTNODEID = 0; //if start node is 0, means it is top |
|
58 |
private static final long TOPLEVELSTARTNODEID = 0; //if start node is 0, means it is top
|
|
59 | 59 |
//level document |
60 | 60 |
|
61 | 61 |
private static Logger logMetacat = Logger.getLogger(PermissionController.class); |
... | ... | |
663 | 663 |
|
664 | 664 |
}//isAllowFirst |
665 | 665 |
|
666 |
/** |
|
667 |
* Check if the permission order for user at that documents is allowFirst |
|
668 |
* @param principals, list of names of principals to check for |
|
669 |
* @param docid, document identifier to check for |
|
670 |
*/ |
|
671 |
public Vector<AccessControlForSingleFile> getAccessControl() |
|
672 |
throws SQLException, Exception |
|
673 |
{ |
|
674 |
Vector<AccessControlForSingleFile> accessControl = new Vector<AccessControlForSingleFile>(); |
|
675 |
boolean hasRow; |
|
676 |
PreparedStatement pStmt = null; |
|
677 |
DBConnection conn = null; |
|
678 |
int serialNumber = -1; |
|
679 |
String sql = null; |
|
680 |
boolean topLever =false; |
|
681 |
sql = "SELECT principal_name, permission, perm_type, perm_order FROM xml_access "; |
|
682 |
|
|
683 |
//TODO, need this? |
|
684 |
long startId = 0; |
|
685 |
if (startId == TOPLEVELSTARTNODEID) |
|
686 |
{ |
|
687 |
//top level |
|
688 |
topLever = true; |
|
689 |
sql += "WHERE docid = ? AND startnodeid is NULL"; |
|
690 |
} |
|
691 |
else |
|
692 |
{ |
|
693 |
//sub tree level |
|
694 |
sql += "WHERE docid = ? AND startnodeid = ?"; |
|
695 |
} |
|
696 |
|
|
697 |
try |
|
698 |
{ |
|
699 |
//check out DBConnection |
|
700 |
conn=DBConnectionPool.getDBConnection("AccessControlList.getPermissions"); |
|
701 |
serialNumber=conn.getCheckOutSerialNumber(); |
|
702 |
|
|
703 |
//select permission order from database |
|
704 |
pStmt = conn.prepareStatement(sql); |
|
705 |
|
|
706 |
//bind value |
|
707 |
pStmt.setString(1, docId);//docid |
|
708 |
|
|
709 |
// if subtree, we need set subtree id |
|
710 |
if (!topLever) |
|
711 |
{ |
|
712 |
pStmt.setLong(2, startId); |
|
713 |
} |
|
714 |
|
|
715 |
pStmt.execute(); |
|
716 |
ResultSet rs = pStmt.getResultSet(); |
|
717 |
while (rs.next()) |
|
718 |
{ |
|
719 |
//get the permission order from data base |
|
720 |
String principalName=rs.getString(1); |
|
721 |
String permission=rs.getString(2); |
|
722 |
String permType=rs.getString(3); |
|
723 |
String permOrder=rs.getString(4); |
|
724 |
|
|
725 |
//translate to string version |
|
726 |
String myPermission = AccessControlList.txtValue(Integer.parseInt(permission)); |
|
727 |
|
|
728 |
//make it into an object |
|
729 |
AccessControlForSingleFile acfsf = |
|
730 |
new AccessControlForSingleFile(docId, principalName, myPermission, permType, permOrder); |
|
731 |
accessControl.add(acfsf); |
|
732 |
} |
|
733 |
pStmt.close(); |
|
734 |
}//try |
|
735 |
catch (SQLException e) |
|
736 |
{ |
|
737 |
throw e; |
|
738 |
} |
|
739 |
finally |
|
740 |
{ |
|
741 |
try |
|
742 |
{ |
|
743 |
pStmt.close(); |
|
744 |
} |
|
745 |
finally |
|
746 |
{ |
|
747 |
DBConnectionPool.returnDBConnection(conn, serialNumber); |
|
748 |
} |
|
749 |
} |
|
750 |
|
|
751 |
return accessControl; |
|
752 |
|
|
753 |
}//getPermissions |
|
754 |
|
|
755 | 666 |
/** |
756 | 667 |
* Check if the users array has allow rules for given users, docid and |
757 | 668 |
* permission. |
Also available in: Unified diff
change AccessControlForSingleFile to only be instantiated for one file. move ACL methods to AccessControlForSingleFile. Change format of access sections returned to EML 2.1.0.