[metacat-cvs] metacat/src/edu/ucsb/nceas/metacat QuerySpecification.java
Saurabh Garg
sgarg at ecoinformatics.org
Wed Nov 30 11:02:14 PST 2005
sgarg 05/11/30 11:02:14
Modified: src/edu/ucsb/nceas/metacat QuerySpecification.java
Log:
fix for the access control check - earlier only permission 4 and 7 were checked for read. Now the query checks for permissions 5 and 6 also
Revision Changes Path
1.77 +14 -8 metacat/src/edu/ucsb/nceas/metacat/QuerySpecification.java
Index: QuerySpecification.java
===================================================================
RCS file: /cvs/metacat/src/edu/ucsb/nceas/metacat/QuerySpecification.java,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- QuerySpecification.java 17 Oct 2005 18:15:40 -0000 1.76
+++ QuerySpecification.java 30 Nov 2005 19:02:14 -0000 1.77
@@ -10,8 +10,8 @@
* Release: @release@
*
* '$Author: sgarg $'
- * '$Date: 2005/10/17 18:15:40 $'
- * '$Revision: 1.76 $'
+ * '$Date: 2005/11/30 19:02:14 $'
+ * '$Revision: 1.77 $'
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -265,12 +265,14 @@
if (userName != null && !userName.equals("")) {
allowQuery = allowQuery + "(lower(principal_name) = '" + userName
+ "' AND perm_type = 'allow'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
}
// add allow rule for public
allowQuery = allowQuery + "OR (lower(principal_name) = '" + PUBLIC
+ "' AND perm_type = 'allow'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
// add allow rule for group
if (group != null) {
@@ -280,7 +282,8 @@
groupUint = groupUint.toLowerCase();
allowQuery = allowQuery + " OR (lower(principal_name) = '"
+ groupUint + "' AND perm_type = 'allow'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
}//if
}//for
}//if
@@ -313,12 +316,14 @@
denyQuery = denyQuery + "(lower(principal_name) = '" + userName
+ "' AND perm_type = 'deny' "
+ "AND perm_order ='allowFirst'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
}
// add deny rule for public
denyQuery = denyQuery + "OR (lower(principal_name) = '" + PUBLIC
+ "' AND perm_type = 'deny' " + "AND perm_order ='allowFirst'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
// add allow rule for group
if (group != null) {
@@ -329,7 +334,8 @@
denyQuery = denyQuery + " OR (lower(principal_name) = '"
+ groupUint + "' AND perm_type = 'deny' "
+ "AND perm_order ='allowFirst'"
- + " AND (permission='4' OR permission='7'))";
+ + " AND (permission='4' OR permission='5' "
+ + "OR permission='6' OR permission='7'))";
}//if
}//for
}//if
More information about the Metacat-cvs
mailing list