Revision 6017
Added by ben leinfelder about 13 years ago
| src/edu/ucsb/nceas/metacat/accesscontrol/XMLAccessAccess.java | ||
|---|---|---|
| 269 | 269 |
* permission order |
| 270 | 270 |
*/ |
| 271 | 271 |
public void addXMLAccess(String docId, String principalName, Long permission, String permType, |
| 272 |
String permOrder) throws AccessException, PermOrderException {
|
|
| 272 |
String permOrder, String accessFileId, String subTreeId) throws AccessException, PermOrderException {
|
|
| 273 | 273 |
|
| 274 | 274 |
permOrderConflict(docId, permOrder); |
| 275 | 275 |
|
| ... | ... | |
| 280 | 280 |
// access type / access order combination, call cleanup to combine common access and then |
| 281 | 281 |
// re-retrieve the access list. |
| 282 | 282 |
if (xmlAccessList.size() == 0) {
|
| 283 |
insertXMLAccess(docId, principalName, permission, permType, permOrder); |
|
| 283 |
insertXMLAccess(docId, principalName, permission, permType, permOrder, accessFileId, subTreeId);
|
|
| 284 | 284 |
return; |
| 285 | 285 |
} |
| 286 | 286 |
|
| ... | ... | |
| 322 | 322 |
// re-retrieve the access list. |
| 323 | 323 |
for(XMLAccessDAO xmlAccessDAO : xmlAccessList) {
|
| 324 | 324 |
insertXMLAccess(docId, xmlAccessDAO.getPrincipalName(), xmlAccessDAO.getPermission(), |
| 325 |
xmlAccessDAO.getPermType(), xmlAccessDAO.getPermOrder()); |
|
| 325 |
xmlAccessDAO.getPermType(), xmlAccessDAO.getPermOrder(), xmlAccessDAO.getAccessFileId(), xmlAccessDAO.getSubTreeId());
|
|
| 326 | 326 |
} |
| 327 | 327 |
} |
| 328 | 328 |
|
| ... | ... | |
| 343 | 343 |
* permission order |
| 344 | 344 |
*/ |
| 345 | 345 |
private void insertXMLAccess(String docId, String principalName, Long permission, String permType, |
| 346 |
String permOrder) throws AccessException {
|
|
| 346 |
String permOrder, String accessFileId, String subTreeId) throws AccessException {
|
|
| 347 | 347 |
//System.out.println("permission in insertXMLAccess: " + permission);
|
| 348 | 348 |
try |
| 349 | 349 |
{
|
| ... | ... | |
| 387 | 387 |
serialNumber = conn.getCheckOutSerialNumber(); |
| 388 | 388 |
|
| 389 | 389 |
String sql = "INSERT INTO xml_access " + |
| 390 |
"(docid, principal_name, permission, perm_type, perm_order ) " + |
|
| 391 |
"VALUES (?,?,?,?,?)"; |
|
| 390 |
"(docid, principal_name, permission, perm_type, perm_order, accessfileid, subtreeid ) " +
|
|
| 391 |
"VALUES (?,?,?,?,?,?,?)";
|
|
| 392 | 392 |
pstmt = conn.prepareStatement(sql); |
| 393 | 393 |
|
| 394 | 394 |
// Bind the values to the query |
| ... | ... | |
| 397 | 397 |
pstmt.setLong(3, permission); |
| 398 | 398 |
pstmt.setString(4, permType); |
| 399 | 399 |
pstmt.setString(5, permOrder); |
| 400 |
pstmt.setString(6, accessFileId); |
|
| 401 |
pstmt.setString(7, subTreeId); |
|
| 400 | 402 |
|
| 401 | 403 |
String sqlReport = "XMLAccessAccess.insertXMLAccess - SQL: " + sql; |
| 402 | 404 |
sqlReport += " [" + docId + "," + principalName + "," + permission + "," + permType + "," + permOrder + "]"; |
| ... | ... | |
| 746 | 748 |
String principalName = null; |
| 747 | 749 |
String permType = null; |
| 748 | 750 |
String permOrder = null; |
| 751 |
// TODO: handle these fields |
|
| 752 |
String accessFileId = null; |
|
| 753 |
String subTreeId = null; |
|
| 749 | 754 |
|
| 750 | 755 |
|
| 751 | 756 |
// iterate through the list of access dao objects and bttwise or the permissions. Most |
| ... | ... | |
| 803 | 808 |
numDenyRecords++; |
| 804 | 809 |
denyPermissionMask |= xmlAccessDAO.getPermission(); |
| 805 | 810 |
} |
| 811 |
if (accessFileId == null) {
|
|
| 812 |
accessFileId = xmlAccessDAO.getAccessFileId(); |
|
| 813 |
} |
|
| 814 |
if (subTreeId == null) {
|
|
| 815 |
subTreeId = xmlAccessDAO.getSubTreeId(); |
|
| 816 |
} |
|
| 806 | 817 |
} |
| 807 | 818 |
|
| 808 | 819 |
// if there was more than one allow record, remove all allow records for this user on this doc |
| 809 | 820 |
// with this perm type and perm order then insert a single record |
| 810 | 821 |
if (numAllowRecords > 1) {
|
| 811 | 822 |
deleteXMLAccessForPrincipal(docId, principalName, AccessControlInterface.ALLOW, permOrder); |
| 812 |
insertXMLAccess(docId, principalName, allowPermissionMask, AccessControlInterface.ALLOW, permOrder); |
|
| 823 |
insertXMLAccess(docId, principalName, allowPermissionMask, AccessControlInterface.ALLOW, permOrder, accessFileId, subTreeId);
|
|
| 813 | 824 |
} |
| 814 | 825 |
// if there was more than one deny record, remove all deny records for this user on this doc |
| 815 | 826 |
// with this perm type and perm order then insert a single record |
| 816 | 827 |
if (numDenyRecords > 1) {
|
| 817 | 828 |
deleteXMLAccessForPrincipal(docId, principalName, AccessControlInterface.DENY, permOrder); |
| 818 |
insertXMLAccess(docId, principalName, denyPermissionMask, AccessControlInterface.DENY, permOrder); |
|
| 829 |
insertXMLAccess(docId, principalName, denyPermissionMask, AccessControlInterface.DENY, permOrder, accessFileId, subTreeId);
|
|
| 819 | 830 |
} |
| 820 | 831 |
} |
| 821 | 832 |
|
| src/edu/ucsb/nceas/metacat/accesscontrol/AccessControlForSingleFile.java | ||
|---|---|---|
| 95 | 95 |
public void insertPermissions(XMLAccessDAO xmlAccessDAO) |
| 96 | 96 |
throws AccessControlException, PermOrderException{
|
| 97 | 97 |
insertPermissions(xmlAccessDAO.getPrincipalName(), xmlAccessDAO.getPermission(), |
| 98 |
xmlAccessDAO.getPermType(), xmlAccessDAO.getPermOrder()); |
|
| 98 |
xmlAccessDAO.getPermType(), xmlAccessDAO.getPermOrder(), xmlAccessDAO.getAccessFileId(), xmlAccessDAO.getSubTreeId());
|
|
| 99 | 99 |
} |
| 100 | 100 |
|
| 101 | 101 |
/** |
| ... | ... | |
| 110 | 110 |
* @param permOrder |
| 111 | 111 |
* the permission order |
| 112 | 112 |
*/ |
| 113 |
public void insertPermissions(String principalName, Long permission, String permType, String permOrder) |
|
| 113 |
public void insertPermissions(String principalName, Long permission, String permType, String permOrder, String accessFileId, String subTreeId)
|
|
| 114 | 114 |
throws AccessControlException, PermOrderException {
|
| 115 | 115 |
try {
|
| 116 | 116 |
// The addXMLAccess method will create the permission record if it does not exist. |
| ... | ... | |
| 118 | 118 |
// doc id. |
| 119 | 119 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
| 120 | 120 |
//System.out.println("permission in accessControlForSingleFile.insertPermissions: " + permission);
|
| 121 |
xmlAccessAccess.addXMLAccess(_docId, principalName, new Long(permission), permType, permOrder); |
|
| 121 |
xmlAccessAccess.addXMLAccess(_docId, principalName, new Long(permission), permType, permOrder, accessFileId, subTreeId);
|
|
| 122 | 122 |
} catch (AccessException ae) {
|
| 123 | 123 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
| 124 | 124 |
+ "DB access error when inserting permissions: " + ae.getMessage()); |
| ... | ... | |
| 196 | 196 |
"AND principal_name = ? " + |
| 197 | 197 |
"AND permission = ? " + |
| 198 | 198 |
"AND perm_type = ? " + |
| 199 |
"AND perm_order =? "); |
|
| 199 |
"AND perm_order = ? ");
|
|
| 200 | 200 |
|
| 201 | 201 |
// Bind the values to the query |
| 202 | 202 |
pstmt.setString(1, _docId); |
| src/edu/ucsb/nceas/metacat/MetacatHandler.java | ||
|---|---|---|
| 3179 | 3179 |
new AccessControlForSingleFile(accessionNumber); |
| 3180 | 3180 |
//System.out.println("permission in MetacatHandler: " + l.longValue());
|
| 3181 | 3181 |
//System.out.println("permission in MetacatHandler: " + Integer.valueOf(AccessControlList.intValue(permission)).longValue());
|
| 3182 |
accessControl.insertPermissions(principal, Integer.valueOf(AccessControlList.intValue(permission)).longValue(), permType, permOrder); |
|
| 3182 |
accessControl.insertPermissions(principal, Integer.valueOf(AccessControlList.intValue(permission)).longValue(), permType, permOrder, null, null);
|
|
| 3183 | 3183 |
} catch (Exception ee) {
|
| 3184 | 3184 |
logMetacat.error("MetaCatServlet.handleSetAccessAction - Error inserting permission: "
|
| 3185 | 3185 |
+ ee.getMessage()); |
Also available in: Unified diff
include accessfileid and subtreeid when inserting xml_access values