Project

General

Profile

Revision 952

Added by Jing Tao almost 19 years ago

The method - hasAllowRule was revised. If a action -read or update was approved, all ticket count of allow rule entries for this action will minus one if the entries have ticket count number (not null).

View differences:

src/edu/ucsb/nceas/metacat/AccessControlList.java
717 717
    * Check if the users array has allow rules for given users, docid and 
718 718
    * permission.
719 719
    * If it has permission rule and ticket count is greater than 0, the ticket
720
    * number will decrease one
720
    * number will decrease one for every allow rule
721 721
    * @param principals, list of names of principals to check for 
722 722
    * @param docid, document identifier to check for
723 723
    * @param permission, the permssion need to check
......
727 727
                  throws SQLException, Exception
728 728
 {
729 729
   int lengthOfArray=principals.length;
730
   boolean allow=false;//initial value is no allow rule
730 731
   ResultSet rs;
731 732
   PreparedStatement pStmt;
732 733
   int permissionValue=intValue(permission);
......
773 774
              decreaseNumberOfAccess(permissionValueInTable, principals[i],
774 775
                                              docId, ALLOW, ALLOWFIRST);
775 776
            }
777
           //ticketCount isnot null and greater than 0, order is not allowfirst
778
           if (!rs.wasNull() &&ticketCount>0 && !isAllowFirst(principals,docId))
779
           {
780
              decreaseNumberOfAccess(permissionValueInTable, principals[i],
781
                                              docId, ALLOW, DENYFIRST);
782
           }
783
          
784
           allow=true;//has allow rule entry
785
         }//if
786
      }//while
787
    }//for
788
    pStmt.close();
789
    return allow;
790
 }//hasAllowRule
791
 
792
  /**
793
    * Check if the users array has allow rules for given users, docid and 
794
    * permission.
795
    * If it has permission rule and ticket count is greater than 0, the ticket
796
    * number will decrease one
797
    * @param principals, list of names of principals to check for 
798
    * @param docid, document identifier to check for
799
    * @param permission, the permssion need to check
800
    */
801
  private boolean hasAllowRuleBackup(String [] principals, String docId, 
802
                                  String permission)
803
                  throws SQLException, Exception
804
 {
805
   int lengthOfArray=principals.length;
806
   ResultSet rs;
807
   PreparedStatement pStmt;
808
   int permissionValue=intValue(permission);
809
   int permissionValueInTable;
810
   int ticketCount;
811
   
812
   //This sql statement will select entry with 
813
   //begin_time<=currentTime<=end_time in xml_access table
814
   //If begin_time or end_time is null in table, isnull(begin_time, sysdate)
815
   //function will assign begin_time=sysdate
816
   pStmt = conn.prepareStatement(
817
                "SELECT permission, ticket_count " +
818
                "FROM xml_access " +
819
                "WHERE docid = ? " + 
820
                "AND principal_name = ? " +
821
                "AND perm_type = ? " +
822
                "AND " + sysdate + 
823
                " BETWEEN " + isnull + "(begin_time," + sysdate + ") " +
824
                     "AND " + isnull + "(end_time," + sysdate + ")");
825
   //bind docid, perm_type
826
   pStmt.setString(1, docId);
827
   pStmt.setString(3, ALLOW);
828
   
829
   //bind every elenment in user name array
830
    for (int i=0;i<lengthOfArray; i++)
831
    {
832
      pStmt.setString(2, principals[i]);
833
      pStmt.execute();
834
      rs=pStmt.getResultSet();
835
      while (rs.next())//check every entry for one user
836
      {
837
        permissionValueInTable=rs.getInt(1);
838
        ticketCount=rs.getInt(2);
839
       
840
        //permission is ok and ticketcount geat than 0 or ticket is null, 
841
        //the user have a permission to access the file
842
        if ((( permissionValueInTable & permissionValue )== permissionValue )
843
              && (rs.wasNull()||ticketCount > 0))
844
        {
845
           //ticket count should minus one 
846
           //ticketCount isnot null and greater than 0, order is allowfirst
847
           if (!rs.wasNull() && ticketCount>0 && isAllowFirst(principals,docId))
848
           {
849
              decreaseNumberOfAccess(permissionValueInTable, principals[i],
850
                                              docId, ALLOW, ALLOWFIRST);
851
            }
776 852
           //ticketCount isnot null and greater than 0, order is not allowfirst
777 853
           if (!rs.wasNull() &&ticketCount>0 && !isAllowFirst(principals,docId))
778 854
           {

Also available in: Unified diff