Project

General

Profile

« Previous | Next » 

Revision 946

Added by Jing Tao over 22 years ago

A method named hasReadPermission was added. The method will check if a user has permission toread a xml document.

View differences:

src/edu/ucsb/nceas/metacat/DocumentImpl.java
216 216
      Date localtime = new Date();
217 217
      String dateString = formatter.format(localtime);
218 218
  
219
      String sqlDateString = "to_date('" + dateString + "', 'YY-MM-DD HH24:MI:SS')";
219
      String sqlDateString = "to_date('" + dateString + 
220
                                          "', 'YY-MM-DD HH24:MI:SS')";
220 221
  
221 222
      StringBuffer sql = new StringBuffer();
222 223
      sql.append("insert into xml_documents (docid, docname, doctype, ");
223
      sql.append("user_owner, user_updated, server_location, rev, date_created");
224
      sql.append("user_owner, user_updated, server_location, rev,date_created");
224 225
      sql.append(", date_updated, public_access) values ('");
225 226
      sql.append(docid).append("','");
226 227
      sql.append(docname).append("','");
......
698 699
      pstmt =
699 700
      conn.prepareStatement("SELECT nodeid,parentnodeid,nodeindex, " +
700 701
           "nodetype,nodename,nodeprefix,nodedata " +               
701
           /*"replace(" +
702
           "replace(" +
703
           "replace(nodedata," + quotechar + "&" + quotechar + "," + quotechar + "&" +
704
           quotechar + ") " +
705
           "," + quotechar + "<" + quotechar + "," + quotechar + "&lt;" + 
706
           quotechar + ") " +
707
           "," + quotechar + ">" + quotechar + "," + quotechar + "&gt;" + 
708
           quotechar + ") " +*/
709 702
           "FROM xml_nodes WHERE rootnodeid = ?");
710 703

  
711 704
      // Bind the values to the query
......
725 718
        nodedata = MetaCatUtil.normalize(nodedata);
726 719
        // add the data to the node record list hashtable
727 720
        NodeRecord currentRecord = new NodeRecord(nodeid,parentnodeid,nodeindex,
728
                                       nodetype, nodename, nodeprefix, nodedata);
721
                                      nodetype, nodename, nodeprefix, nodedata);
729 722
        nodeRecordList.add(currentRecord);
730 723

  
731 724
        // Advance to the next node
......
973 966
                      updaterev + "&docid=" + docid);
974 967
      System.out.println("sending message: " + u.toString());
975 968
      String serverResStr = MetacatReplication.getURLContent(u);
976
      String openingtag = serverResStr.substring(0, serverResStr.indexOf(">")+1);
969
      String openingtag =serverResStr.substring(0, serverResStr.indexOf(">")+1);
977 970
      
978 971
      if(openingtag.equals("<lockgranted>"))
979 972
      {//the lock was granted go ahead with the insert
......
982 975
          MetacatReplication.replLog("lock granted for " + accnum + " from " +
983 976
                                      server);
984 977
          XMLReader parser = initializeParser(conn, action, docid, validate,
985
                                              user, groups, pub, serverCode, dtd);
978
                                            user, groups, pub, serverCode, dtd);
986 979
          conn.setAutoCommit(false);
987 980
          parser.parse(new InputSource(xml)); 
988 981
          conn.commit();
......
1127 1120
    return aclobj.hasPermission("WRITE", user, groups, docid);
1128 1121
  }
1129 1122

  
1123
  /** 
1124
    * Check for "READ" permission base on docid, user and group
1125
    *@docid, the document
1126
    *@user, user name
1127
    *@group, user's group
1128
    * 
1129
    */
1130
  public boolean hasReadPermission ( Connection conn, String user,
1131
                                  String[] groups, String docId ) 
1132
                  throws SQLException
1133
  {
1134
    // Check for READ permission on @docid for @user and/or @groups
1135
    AccessControlList aclObj = new AccessControlList(conn);
1136
    return aclObj.hasPermission("READ", user, groups, docId);
1137
  }  
1138

  
1130 1139
  /**
1131 1140
   * Set up the parser handlers for writing the document to the database
1132 1141
   */

Also available in: Unified diff