📄 cmsresourcebroker.java
字号:
}
// check the rights for the current resource
if( ! ( accessOther(resource, C_ACCESS_PUBLIC_WRITE) ||
accessOwner(currentUser, currentProject, resource, C_ACCESS_OWNER_WRITE) ||
accessGroup(currentUser, currentProject, resource, C_ACCESS_GROUP_WRITE) ) ) {
// no write access to this resource!
return false;
}
// read the parent folder
if(resource.getParent() != null) {
// readFolder without checking access
resource = m_dbAccess.readFolder(resource.getProjectId(), resource.getRootName()+resource.getParent());
} else {
// no parent folder!
return true;
}
// check the rights and if the resource is not locked
// for parent folders only read access is needed
do {
if( accessOther(resource, C_ACCESS_PUBLIC_READ) ||
accessOwner(currentUser, currentProject, resource, C_ACCESS_OWNER_READ) ||
accessGroup(currentUser, currentProject, resource, C_ACCESS_GROUP_READ) ) {
// is the resource locked?
if( resource.isLocked() && (resource.isLockedBy() != currentUser.getId() ) ) {
// resource locked by anopther user, no creation allowed
return(false);
}
// read next resource
if(resource.getParent() != null) {
// readFolder without checking access
resource = m_dbAccess.readFolder(resource.getProjectId(), resource.getRootName()+resource.getParent());
}
} else {
// last check was negative
return(false);
}
} while(resource.getParent() != null);
// all checks are done positive
return(true);
}
/**
* Checks, if the user may write this resource.
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param resource The resource to check.
*
* @return wether the user has access, or not.
*/
public boolean accessWrite(CmsUser currentUser, CmsProject currentProject,
String resourceName) throws CmsException {
CmsResource resource = m_dbAccess.readFileHeader(currentProject.getId(), resourceName, false);
return accessWrite(currentUser,currentProject,resource);
}
/**
* Checks, if the user may write the unlocked resource.
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param resource The resource to check.
*
* @return wether the user has access, or not.
*/
public boolean accessWriteUnlocked(CmsUser currentUser, CmsProject currentProject,
CmsResource resource) throws CmsException {
// check, if this is the onlineproject
if(currentProject.isOnlineProject()){
// the online-project is not writeable!
return(false);
}
// check the access to the project
if( ! accessProject(currentUser, currentProject, currentProject.getId()) ) {
// no access to the project!
return(false);
}
// check if the resource belongs to the current project
if(resource.getProjectId() != currentProject.getId()) {
return false;
}
// check the rights for the current resource
if( ! ( accessOther(resource, C_ACCESS_PUBLIC_WRITE) ||
accessOwner(currentUser, currentProject, resource, C_ACCESS_OWNER_WRITE) ||
accessGroup(currentUser, currentProject, resource, C_ACCESS_GROUP_WRITE) ) ) {
// no write access to this resource!
return false;
}
// read the parent folder
if(resource.getParent() != null) {
// readFolder without checking access
resource = m_dbAccess.readFolder(resource.getProjectId(), resource.getRootName()+resource.getParent());
} else {
// no parent folder!
return true;
}
// check the rights and if the resource is not locked
// for parent folders only read access is needed
do {
if( accessOther(resource, C_ACCESS_PUBLIC_READ) ||
accessOwner(currentUser, currentProject, resource, C_ACCESS_OWNER_READ) ||
accessGroup(currentUser, currentProject, resource, C_ACCESS_GROUP_READ) ) {
// is the resource locked?
if( resource.isLocked() && (resource.isLockedBy() != currentUser.getId() ) ) {
// resource locked by anopther user, no creation allowed
return(false);
}
// read next resource
if(resource.getParent() != null) {
// readFolder without checking access
resource = m_dbAccess.readFolder(resource.getProjectId(), resource.getRootName()+resource.getParent());
}
} else {
// last check was negative
return(false);
}
} while(resource.getParent() != null);
// all checks are done positive
return(true);
}
/**
* adds a file extension to the list of known file extensions
*
* <B>Security:</B>
* Users, which are in the group "administrators" are granted.<BR/>
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param extension a file extension like 'html'
* @param resTypeName name of the resource type associated to the extension
*/
public void addFileExtension(CmsUser currentUser, CmsProject currentProject,
String extension, String resTypeName)
throws CmsException {
if (extension != null && resTypeName != null) {
if (isAdmin(currentUser, currentProject)) {
Hashtable suffixes=(Hashtable) m_dbAccess.readSystemProperty(C_SYSTEMPROPERTY_EXTENSIONS);
if (suffixes == null) {
suffixes = new Hashtable();
suffixes.put(extension, resTypeName);
m_dbAccess.addSystemProperty(C_SYSTEMPROPERTY_EXTENSIONS, suffixes);
} else {
suffixes.put(extension, resTypeName);
m_dbAccess.writeSystemProperty(C_SYSTEMPROPERTY_EXTENSIONS, suffixes);
}
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + extension,
CmsException.C_NO_ACCESS);
}
}
}
/**
* Add a new group to the Cms.<BR/>
*
* Only the admin can do this.<P/>
*
* <B>Security:</B>
* Only users, which are in the group "administrators" are granted.
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param name The name of the new group.
* @param description The description for the new group.
* @param flags The flags for the new group.
* @param name The name of the parent group (or null).
*
* @return Group
*
* @throws CmsException Throws CmsException if operation was not succesfull.
*/
public CmsGroup addGroup(CmsUser currentUser, CmsProject currentProject,
String name, String description, int flags, String parent)
throws CmsException {
// Check the security
if( isAdmin(currentUser, currentProject) ) {
name = name.trim();
validFilename(name);
// check the lenght of the groupname
if(name.length() > 1) {
return( m_dbAccess.createGroup(name, description, flags, parent) );
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + name, CmsException.C_BAD_NAME);
}
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + name,
CmsException.C_NO_ACCESS);
}
}
/**
* Adds a user to the Cms.
*
* Only a adminstrator can add users to the cms.<P/>
*
* <B>Security:</B>
* Only users, which are in the group "administrators" are granted.
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param name The new name for the user.
* @param password The new password for the user.
* @param group The default groupname for the user.
* @param description The description for the user.
* @param additionalInfos A Hashtable with additional infos for the user. These
* Infos may be stored into the Usertables (depending on the implementation).
* @param flags The flags for a user (e.g. C_FLAG_ENABLED)
*
* @return user The added user will be returned.
*
* @throws CmsException Throws CmsException if operation was not succesfull.
*/
public CmsUser addUser(CmsObject cms, CmsUser currentUser, CmsProject currentProject, String name,
String password, String group, String description,
Hashtable additionalInfos, int flags)
throws CmsException {
// Check the security
if( isAdmin(currentUser, currentProject) ) {
// no space before or after the name
name = name.trim();
// check the username
validFilename(name);
// check the password
Utils.validateNewPassword(cms, password, null);
if(name.length() > 0 ) {
CmsGroup defaultGroup = readGroup(currentUser, currentProject, group);
CmsUser newUser = m_dbAccess.addUser(name, password, description, " ", " ", " ", 0, 0, C_FLAG_ENABLED, additionalInfos, defaultGroup, " ", " ", C_USER_TYPE_SYSTEMUSER);
addUserToGroup(currentUser, currentProject, newUser.getName(),defaultGroup.getName());
return newUser;
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + name,
CmsException.C_SHORT_PASSWORD);
}
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + name,
CmsException.C_NO_ACCESS);
}
}
/**
* Adds a user to the Cms.
*
* Only a adminstrator can add users to the cms.<P/>
*
* <B>Security:</B>
* Only users, which are in the group "administrators" are granted.
*
* @param currentUser The user who requested this method.
* @param currentProject The current project of the user.
* @param name The name for the user.
* @param password The password for the user.
* @param recoveryPassword The recoveryPassword for the user.
* @param description The description for the user.
* @param firstname The firstname of the user.
* @param lastname The lastname of the user.
* @param email The email of the user.
* @param flags The flags for a user (e.g. C_FLAG_ENABLED)
* @param additionalInfos A Hashtable with additional infos for the user. These
* Infos may be stored into the Usertables (depending on the implementation).
* @param defaultGroup The default groupname for the user.
* @param address The address of the user
* @param section The section of the user
* @param type The type of the user
*
* @return user The added user will be returned.
*
* @throws CmsException Throws CmsException if operation was not succesfull.
*/
public CmsUser addImportUser(CmsUser currentUser, CmsProject currentProject,
String name, String password, String recoveryPassword, String description,
String firstname, String lastname, String email, int flags, Hashtable additionalInfos,
String defaultGroup, String address, String section, int type)
throws CmsException {
// Check the security
if( isAdmin(currentUser, currentProject) ) {
// no space before or after the name
name = name.trim();
// check the username
validFilename(name);
CmsGroup group = readGroup(currentUser, currentProject, defaultGroup);
CmsUser newUser = m_dbAccess.addImportUser(name, password, recoveryPassword, description, firstname, lastname, email, 0, 0, flags, additionalInfos, group, address, section, type);
addUserToGroup(currentUser, currentProject, newUser.getName(), group.getName());
return newUser;
} else {
throw new CmsException("[" + this.getClass().getName() + "] " + name,
CmsException.C_NO_ACCESS);
}
}
/**
* Adds a user to a group.<BR/>
*
* Only the admin can do this.<P/>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -