amy/venice-dynamo-rewrite
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

implemented the "floating" menu properly, and the transitions between the

Browse Source 
different menus; also debugged the ACL permission testing
This commit is contained in:
Eric J. Bowersox
2003-06-16 06:54:25 +00:00
parent 96b6f27e2c
commit 821a0be3eb
14 changed files with 209 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
src/dynamo-framework/com/silverwrist/dynamo/security/AclOperations_mysql.java
View File

@@ -21,6 +21,7 @@ import java.security.acl.LastOwnerException;
import java.security.acl.NotOwnerException;
import java.sql.*;
import java.util.*;
import org.apache.log4j.Logger;
import com.silverwrist.util.*;
import com.silverwrist.dynamo.except.*;
import com.silverwrist.dynamo.iface.*;
@@ -33,6 +34,8 @@ class AclOperations_mysql extends AclOperations
*--------------------------------------------------------------------------------
*/
private static Logger logger = Logger.getLogger(AclOperations_mysql.class);
private static final int OWNERFLAG_USER = 0;
private static final int OWNERFLAG_GROUP = 1;
@@ -690,6 +693,8 @@ class AclOperations_mysql extends AclOperations
boolean testUserPermission(int aclid, int uid, PropertyKey perm) throws DatabaseException
{
if (logger.isDebugEnabled())
logger.debug("testUserPermission(): aclid = " + aclid + ", uid = " + uid + ", perm = " + perm);
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
@@ -700,7 +705,7 @@ class AclOperations_mysql extends AclOperations
int table_index = 0;
// test for positive and negative user values first
stmt = conn.prepareStatement("SELECT ace.flags FROM acedata, ace, acldata, groupmembers "
stmt = conn.prepareStatement("SELECT DISTINCT ace.aceid, ace.flags FROM acedata, ace, acldata, groupmembers "
+ "WHERE acedata.perm_nsid = ? AND acedata.perm_name = ? "
+ "AND acedata.aceid = ace.aceid AND ace.aceid = acldata.aceid "
+ "AND acldata.aclid = ? AND (ace.flags = 0 OR ace.flags = 16) "
@@ -710,21 +715,35 @@ class AclOperations_mysql extends AclOperations
stmt.setInt(3,aclid);
stmt.setInt(4,uid);
rs = stmt.executeQuery();
boolean positive = false, negative = false;
while (rs.next())
{ // examine flag values
int flag = rs.getInt(1);
if (flag==0)
table_index += 8; // positive user
if (logger.isDebugEnabled())
logger.debug("Matched ACE " + rs.getInt(1) + ", flag = " + rs.getInt(2));
int flag = rs.getInt(2);
if ((flag==0) && !positive)
{ // positive user
table_index += 8;
positive = true;
} // end if
else if (flag==16)
table_index += 2; // negative user
{ // negative user
table_index += 2;
negative = true;
} // end else if
if (positive && negative)
break; // can't get better results
} // end while
// then test for positive and negative group values
SQLUtils.shutdown(rs);
rs.close();
rs = null;
SQLUtils.shutdown(stmt);
stmt = conn.prepareStatement("SELECT DISTINCT ace.flags FROM acedata, ace, acldata, groupmembers "
stmt.close();
stmt = conn.prepareStatement("SELECT DISTINCT ace.aceid, ace.flags FROM acedata, ace, acldata, groupmembers "
+ "WHERE acedata.perm_nsid = ? AND acedata.perm_name = ? "
+ "AND acedata.aceid = ace.aceid AND ace.aceid = acldata.aceid "
+ "AND acldata.aclid = ? AND (ace.flags = 1 OR ace.flags = 17) "
@@ -734,13 +753,27 @@ class AclOperations_mysql extends AclOperations
stmt.setInt(3,aclid);
stmt.setInt(4,uid);
rs = stmt.executeQuery();
positive = negative = false;
while (rs.next())
{ // examine flag values
int flag = rs.getInt(1);
if (logger.isDebugEnabled())
logger.debug("Matched ACE " + rs.getInt(1) + ", flag = " + rs.getInt(2));
int flag = rs.getInt(2);
if (flag==1)
table_index += 4; // positive group
{ // positive group
table_index += 4;
positive = true;
} // end if
else if (flag==17)
table_index += 1; // negative group
{ // negative group
table_index += 1;
negative = true;
} // end else if
if (positive && negative)
break; // can't get better results
} // end while
@@ -765,6 +798,8 @@ class AclOperations_mysql extends AclOperations
boolean testGroupPermission(int aclid, int gid, PropertyKey perm) throws DatabaseException
{
if (logger.isDebugEnabled())
logger.debug("testGroupPermission(): aclid = " + aclid + ", gid = " + gid + ", perm = " + perm);
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
@@ -776,8 +811,8 @@ class AclOperations_mysql extends AclOperations
boolean negative = false;
// test for positive and negative values simultaneously
stmt = conn.prepareStatement("SELECT acedata.aceflags FROM acedata, ace, acldata, groupmembers "
+ "WHERE acedata.perm_nsid = ? AND acedata.perm_name = ? "
stmt = conn.prepareStatement("SELECT DISTINCT acedata.aceid, acedata.aceflags FROM acedata, ace, acldata, "
+ "groupmembers WHERE acedata.perm_nsid = ? AND acedata.perm_name = ? "
+ "AND acedata.aceid = ace.aceid AND ace.aceid = acldata.aceid "
+ "AND acldata.aclid = ? AND (ace.flags = 1 OR ace.flags = 17) "
+ "AND ace.pri = ?;");
@@ -788,11 +823,15 @@ class AclOperations_mysql extends AclOperations
rs = stmt.executeQuery();
while (rs.next())
{ // examine flag values
int flag = rs.getInt(1);
if (logger.isDebugEnabled())
logger.debug("Matched ACE " + rs.getInt(1) + ", flag = " + rs.getInt(2));
int flag = rs.getInt(2);
if (flag==1)
positive = true; // positive group
else if (flag==17)
negative = true; // negative group
if (positive && negative)
break; // can't get better results
} // end while