| 62 |
62 |
/**
|
| 63 |
63 |
* Construct an instance of the AccessControlList class.
|
| 64 |
64 |
* It is used by the permission check up from DBQuery and DocumentImpl
|
| 65 |
|
*/
|
| 66 |
|
public AccessControlList () //throws SQLException, ClassNotFoundException
|
| 67 |
|
{
|
| 68 |
|
//MetaCatUtil util = new MetaCatUtil();
|
| 69 |
|
//this.conn = util.openDBConnection();
|
| 70 |
|
}
|
| 71 |
|
|
| 72 |
|
/**
|
| 73 |
|
* Construct an instance of the AccessControlList class.
|
| 74 |
|
* It is used by the permission check up from DBQuery and DocumentImpl
|
| 75 |
65 |
*
|
| 76 |
66 |
* @param conn the JDBC connection where acl data are loaded
|
| 77 |
67 |
*/
|
| 78 |
|
public AccessControlList ( Connection conn )
|
|
68 |
public AccessControlList ( Connection conn ) throws SQLException
|
| 79 |
69 |
{
|
| 80 |
|
this.conn = conn;
|
|
70 |
Connection dbconn = conn;
|
|
71 |
if ( dbconn == null || dbconn.isClosed() ) {
|
|
72 |
System.out.println("AccessControlList: " +
|
|
73 |
"DB connection was closed. Open a new one");
|
|
74 |
try {
|
|
75 |
MetaCatUtil util = new MetaCatUtil();
|
|
76 |
dbconn = util.openDBConnection();
|
|
77 |
} catch (Exception e) {
|
|
78 |
throw new SQLException(e.getMessage());
|
|
79 |
}
|
|
80 |
}
|
|
81 |
this.conn = dbconn;
|
| 81 |
82 |
}
|
| 82 |
83 |
|
| 83 |
84 |
/**
|
| ... | ... | |
| 343 |
344 |
}
|
| 344 |
345 |
|
| 345 |
346 |
/** Check for @permission for @principal on @resourceId from db connection */
|
| 346 |
|
public boolean hasPermission ( Connection conn, String permission,
|
|
347 |
public boolean hasPermission ( String permission,
|
| 347 |
348 |
String principal, String resourceId )
|
| 348 |
349 |
throws SQLException
|
| 349 |
350 |
{
|
| 350 |
|
Connection dbconn = conn;
|
| 351 |
|
|
| 352 |
|
if ( dbconn == null ) {
|
| 353 |
|
System.out.println("AccessControlList.hasPermission(): " +
|
| 354 |
|
"DB connection was closed. Open a new one");
|
| 355 |
|
try {
|
| 356 |
|
MetaCatUtil util = new MetaCatUtil();
|
| 357 |
|
dbconn = util.openDBConnection();
|
| 358 |
|
} catch (Exception e) {
|
| 359 |
|
throw new SQLException(e.getMessage());
|
| 360 |
|
}
|
| 361 |
|
}
|
| 362 |
|
|
| 363 |
351 |
PreparedStatement pstmt;
|
| 364 |
352 |
// check public access to @resourceId from xml_documents table
|
| 365 |
353 |
if ( permission.equals("READ") ) {
|
| 366 |
354 |
try {
|
| 367 |
|
pstmt = dbconn.prepareStatement(
|
|
355 |
pstmt = conn.prepareStatement(
|
| 368 |
356 |
"SELECT 'x' FROM xml_documents " +
|
| 369 |
357 |
"WHERE docid LIKE ? AND public_access = 1");
|
| 370 |
358 |
// Bind the values to the query
|
| ... | ... | |
| 390 |
378 |
// check if @principal is owner of @resourceId in xml_documents table
|
| 391 |
379 |
if ( principal != null ) {
|
| 392 |
380 |
try {
|
| 393 |
|
pstmt = dbconn.prepareStatement(
|
|
381 |
pstmt = conn.prepareStatement(
|
| 394 |
382 |
"SELECT 'x' FROM xml_documents " +
|
| 395 |
383 |
"WHERE docid LIKE ? AND user_owner LIKE ?");
|
| 396 |
384 |
// Bind the values to the query
|
| ... | ... | |
| 417 |
405 |
int ticketCount = 0;
|
| 418 |
406 |
String permOrder = "";
|
| 419 |
407 |
try {
|
| 420 |
|
pstmt = dbconn.prepareStatement(
|
|
408 |
pstmt = conn.prepareStatement(
|
| 421 |
409 |
"SELECT permission, perm_order, ticket_count " +
|
| 422 |
410 |
"FROM xml_access " +
|
| 423 |
411 |
"WHERE docid LIKE ? " +
|
problems with passing the connection between objects