Revision 944
Added by Jing Tao almost 23 years ago
src/edu/ucsb/nceas/metacat/AccessControlList.java | ||
---|---|---|
277 | 277 |
permission = permission | READ; |
278 | 278 |
} else if ( inputString.trim().toUpperCase().equals("WRITE") ) { |
279 | 279 |
permission = permission | WRITE; |
280 |
} else if ( inputString.trim().toUpperCase().equals("CHANGEPERMISSION") ) { |
|
280 |
} else if ( inputString.trim().toUpperCase().equals("CHANGEPERMISSION")) |
|
281 |
{ |
|
281 | 282 |
permission = permission | CHMOD; |
282 | 283 |
} else if ( inputString.trim().toUpperCase().equals("ALL") ) { |
283 | 284 |
permission = permission | ALL; |
... | ... | |
586 | 587 |
String principal, String docid) |
587 | 588 |
throws SQLException |
588 | 589 |
{ |
589 |
//System.out.println("Does " + principal + " have " + permission + " on " + docid); |
|
590 |
//detele the rev number if docid contains it |
|
591 |
docid=MetaCatUtil.getDocIdFromString(docid); |
|
590 | 592 |
PreparedStatement pstmt; |
591 |
// check public access to @docid from xml_documents table |
|
592 |
if ( permission.equals("READ") ) { |
|
593 |
try { |
|
594 |
pstmt = conn.prepareStatement( |
|
595 |
"SELECT 'x' FROM xml_documents " + |
|
596 |
"WHERE docid = ? AND public_access = 1"); |
|
597 |
// Bind the values to the query |
|
598 |
pstmt.setString(1, docid); |
|
599 |
|
|
600 |
pstmt.execute(); |
|
601 |
ResultSet rs = pstmt.getResultSet(); |
|
602 |
boolean hasRow = rs.next(); |
|
603 |
pstmt.close(); |
|
604 |
if (hasRow) { |
|
605 |
return true; |
|
606 |
} |
|
607 |
|
|
608 |
|
|
609 |
} catch (SQLException e) { |
|
610 |
throw new |
|
611 |
SQLException("AccessControlList.hasPermission(). " + |
|
612 |
"Error checking public access for document #"+docid+ |
|
613 |
". " + e.getMessage()); |
|
614 |
} |
|
615 |
} |
|
616 | 593 |
|
594 |
|
|
617 | 595 |
// since owner of resource has all permission on it, |
618 | 596 |
// check if @principal is owner of @docid in xml_documents table |
619 | 597 |
if ( principal != null ) { |
... | ... | |
646 | 624 |
{ |
647 | 625 |
pstmt = conn.prepareStatement("select 'x' from xml_access where " + |
648 | 626 |
"accessfileid like '" + docid + |
649 |
"' and principal_name like '" + principal +
|
|
627 |
"' and principal_name like '" + principal+ |
|
650 | 628 |
"' and perm_type like 'allow' and " + |
651 | 629 |
"permission = 7"); |
652 | 630 |
pstmt.execute(); |
... | ... | |
696 | 674 |
( permOrder.equals("allowFirst") ) && |
697 | 675 |
( rs.wasNull() || ticketCount > 0 ) ) { |
698 | 676 |
if ( !rs.wasNull() && ticketCount > 0 ) { |
699 |
decreaseNumberOfAccess(accessValue,principal,docid,"deny","allowFirst"); |
|
677 |
decreaseNumberOfAccess(accessValue,principal,docid, |
|
678 |
"deny","allowFirst"); |
|
700 | 679 |
} |
701 | 680 |
pstmt.close(); |
702 | 681 |
return false; |
703 | 682 |
} |
704 | 683 |
hasRows = rs.next(); |
705 | 684 |
} |
706 |
//System.out.println("Passed the check for \"deny\" access with \"allowFirst\""); |
|
685 |
|
|
707 | 686 |
|
708 | 687 |
// it is not denied then check if it is "allow" |
709 | 688 |
// Bind the values to the query |
... | ... | |
721 | 700 |
if ( ( accessValue & intValue(permission) )==intValue(permission) && |
722 | 701 |
( rs.wasNull() || ticketCount > 0 ) ) { |
723 | 702 |
if ( !rs.wasNull() && ticketCount > 0 ) { |
724 |
decreaseNumberOfAccess(accessValue,principal,docid,"allow",permOrder); |
|
703 |
decreaseNumberOfAccess(accessValue,principal, |
|
704 |
docid,"allow",permOrder); |
|
725 | 705 |
} |
726 | 706 |
pstmt.close(); |
727 | 707 |
return true; |
728 | 708 |
} |
729 | 709 |
hasRows = rs.next(); |
730 | 710 |
} |
731 |
//System.out.println("Passed the check for \"allow\" access"); |
|
711 |
|
|
732 | 712 |
|
733 | 713 |
// it is not allowed then check if it is "deny" with "denyFirst" |
734 | 714 |
// Bind the values to the query |
... | ... | |
747 | 727 |
( permOrder.equals("denyFirst") ) && |
748 | 728 |
( rs.wasNull() || ticketCount > 0 ) ) { |
749 | 729 |
if ( !rs.wasNull() && ticketCount > 0 ) { |
750 |
decreaseNumberOfAccess(accessValue,principal,docid,"deny","denyFirst"); |
|
730 |
decreaseNumberOfAccess(accessValue,principal,docid, |
|
731 |
"deny","denyFirst"); |
|
751 | 732 |
} |
752 | 733 |
pstmt.close(); |
753 | 734 |
return false; |
754 | 735 |
} |
755 | 736 |
hasRows = rs.next(); |
756 | 737 |
} |
757 |
//System.out.println("Passed the check for \"deny\" access wirh \"denyFirst\""); |
|
758 | 738 |
|
739 |
|
|
759 | 740 |
pstmt.close(); |
760 | 741 |
return false; |
761 | 742 |
|
... | ... | |
841 | 822 |
try { |
842 | 823 |
|
843 | 824 |
isOwned = isOwned(docid, user); |
844 |
systemID = getSystemID((String)MetaCatUtil.getOptionList(accDoctype).elementAt(0)); |
|
825 |
systemID = getSystemID((String)MetaCatUtil. |
|
826 |
getOptionList(accDoctype).elementAt(0)); |
|
845 | 827 |
publicAcc = getPublicAccess(docid); |
846 | 828 |
|
847 | 829 |
output.append("<?xml version=\"1.0\"?>\n"); |
Also available in: Unified diff
Code to handle "read" permission was changed in hasPermission method. The old code used old way to look up the public_access field in xml_documents table.