Revision 604
Added by bojilova over 23 years ago
| src/edu/ucsb/nceas/metacat/DBQuery.java | ||
|---|---|---|
| 656 | 656 |
} |
| 657 | 657 |
|
| 658 | 658 |
// Check for READ permission on @docid for @user and/or @group |
| 659 |
AccessControlList aclobj = new AccessControlList(conn);
|
|
| 660 |
boolean hasPermission = aclobj.hasPermission("READ",user,docid);
|
|
| 659 |
AccessControlList aclobj = new AccessControlList(); |
|
| 660 |
boolean hasPermission = aclobj.hasPermission(conn,"READ",user,docid);
|
|
| 661 | 661 |
if ( !hasPermission && group != null ) {
|
| 662 |
hasPermission = aclobj.hasPermission("READ",group,docid);
|
|
| 662 |
hasPermission = aclobj.hasPermission(conn,"READ",group,docid);
|
|
| 663 | 663 |
} |
| 664 | 664 |
|
| 665 | 665 |
return hasPermission; |
| src/edu/ucsb/nceas/metacat/AccessControlList.java | ||
|---|---|---|
| 62 | 62 |
/** |
| 63 | 63 |
* Construct an instance of the AccessControlList class. |
| 64 | 64 |
* It is used by the permission check up from DBQuery and DocumentImpl |
| 65 |
*/ |
|
| 66 |
public AccessControlList () |
|
| 67 |
{
|
|
| 68 |
// this.conn = conn; |
|
| 69 |
} |
|
| 70 |
|
|
| 71 |
/** |
|
| 72 |
* Construct an instance of the AccessControlList class. |
|
| 73 |
* It is used by the permission check up from DBQuery and DocumentImpl |
|
| 65 | 74 |
* |
| 66 | 75 |
* @param conn the JDBC connection where acl data are loaded |
| 67 | 76 |
*/ |
| ... | ... | |
| 333 | 342 |
} |
| 334 | 343 |
|
| 335 | 344 |
/** Check for @permission for @principal on @resourceId from db connection */ |
| 336 |
public boolean hasPermission ( String permission, String principal,
|
|
| 337 |
String resourceId ) |
|
| 345 |
public boolean hasPermission ( Connection conn, String permission,
|
|
| 346 |
String principal, String resourceId )
|
|
| 338 | 347 |
throws SQLException |
| 339 | 348 |
{
|
| 340 | 349 |
PreparedStatement pstmt; |
Also available in: Unified diff
problem with passing the connection between objects