Project

General

Profile

Revision 1453

Added by Jing Tao over 18 years ago

Revise the sql for access control for return fields.

View differences:

src/edu/ucsb/nceas/metacat/QuerySpecification.java
716 716
  
717 717
  /** This sql command will selecet startnodeid and endnodeid that user can NOT
718 718
    * access
719
   */
719
    */
720 720
  public String printAccessControlSQLForReturnField(String doclist)
721 721
  {
722 722
    StringBuffer sql = new StringBuffer();
......
727 727
    sql.append(doclist);
728 728
    sql.append(") AND startnodeid IS NOT NULL AND ");
729 729
    sql.append("(");
730
    sql.append("(");
731
    sql.append("startnodeid NOT IN (SELECT startnodeid from xml_access, xml_documents ");
732
    sql.append(" WHERE xml_access.docid = xml_documents.docid");
733
    sql.append(" AND xml_documents.user_owner ='");
734
    sql.append(userName);
735
    sql.append("')"); 
736
    sql.append(")");
737
    sql.append(" AND ");
738
    sql.append("(");
730 739
    sql.append("(startnodeid NOT IN (SELECT startnodeid from xml_access where ");
731 740
    sql.append(allowString);
732 741
    sql.append(")");
......
736 745
    sql.append(")");
737 746
    sql.append(")");
738 747
    sql.append(")");
748
    sql.append(")");
739 749
    MetaCatUtil.debugMessage("accessControlSQLForReturnField: " +
740 750
                             sql.toString(), 30);
741 751
    return sql.toString();

Also available in: Unified diff