privilege.java

源码/软件简介: 云网论坛1.1RC国际版是采用JSP开发的集论坛、CMS（网站内容管理系统）、博客、聊天室、商城、交友、语音灌水等于一体的门户式社区。拥有CWBBS ( Cloud Web BBS

package com.redmoon.forum;

/**
 * Title:        bluewind's forum
 * Description:
 * Copyright:    Copyright (c) 2002
 * Company:
 * @author 	 bluewind
 * @version 1.0
 */
import java.sql.*;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import cn.js.fan.util.*;
import org.apache.log4j.Logger;
import com.redmoon.forum.person.UserDb;
import java.util.Iterator;
import com.redmoon.forum.plugin.base.IPluginPrivilege;
import java.util.Vector;
import com.redmoon.forum.plugin.PluginUnit;
import com.redmoon.forum.plugin.PluginMgr;
import cn.js.fan.module.pvg.Priv;
import cn.js.fan.security.SecurityUtil;
import javax.servlet.http.HttpServletResponse;
import com.redmoon.forum.person.WrongPasswordException;
import java.util.Calendar;
import com.redmoon.forum.life.prision.Prision;
import com.redmoon.forum.person.InvalidNameException;
import com.redmoon.forum.security.IPMonitor;
import com.redmoon.forum.err.UserArrestedException;
import com.redmoon.kit.util.FileUpload;
import com.redmoon.forum.plugin.EntranceMgr;
import com.redmoon.forum.plugin.EntranceUnit;
import com.redmoon.forum.plugin.base.IPluginEntrance;
import cn.js.fan.web.SkinUtil;
import java.util.Locale;

public class Privilege {
    Logger logger = Logger.getLogger(Privilege.class.getName());
    boolean debug = false;

    public static final String MASTER = "sq_master";

    public static final String COOKIE_CWBBS_AUTH = "cwbbs.auth";
    public static final String SESSION_CWBBS_AUTH = "cwbbs.auth";

    public static final int LOGIN_SAVE_NONE = 0;
    public static final int LOGIN_SAVE_DAY = 1;
    public static final int LOGIN_SAVE_MONTH = 2;
    public static final int LOGIN_SAVE_YEAR = 3;

    private final static int ENCODE_XORMASK = 0x5A;
    private final static char ENCODE_DELIMETER = '\002';
    private final static char ENCODE_CHAR_OFFSET1 = 'A';
    private final static char ENCODE_CHAR_OFFSET2 = 'h';

    public Privilege() {
    }

    public boolean isRequestValid(HttpServletRequest request) throws
            SQLException {
        if (request.getRequestURL().indexOf(request.getServerName()) == -1)
            return false;
        else
            return true;
    }

    public boolean isMasterLogin(HttpServletRequest request) {
        cn.js.fan.module.pvg.Privilege pvg = new cn.js.fan.module.pvg.Privilege();
        if (pvg.isUserPrivValid(request, Priv.PRIV_ADMIN))
            return true;
        if (pvg.isUserPrivValid(request, Priv.PRIV_FORUM))
            return true;
        return false;
    }

    public boolean isMasterPrivValid(HttpServletRequest request, String priv) {
        cn.js.fan.module.pvg.Privilege pvg = new cn.js.fan.module.pvg.Privilege();
        if (pvg.isUserPrivValid(request, Priv.PRIV_ADMIN))
            return true;
        if (pvg.isUserPrivValid(request, Priv.PRIV_FORUM))
            return true;
        if (pvg.isUserPrivValid(request, priv))
            return true;
        return false;
    }

    public String getMaster(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        return (String) session.getAttribute(MASTER);
    }

    public boolean canWebEditRedMoon(HttpServletRequest request,
                                     String boardCode) {
        if (boardCode.equals(Leaf.CODE_BLOG))
            return true;
        // 检查版块是否允许高级发贴方式
        Leaf lf = new Leaf();
        lf = lf.getLeaf(boardCode);
        if (lf == null || !lf.isLoaded())
            return false;
        if (lf.getWebeditAllowType() ==
            lf.WEBEDIT_ALLOW_TYPE_UBB_NORMAL_REDMOON ||
            lf.getWebeditAllowType() == lf.WEBEDIT_ALLOW_TYPE_REDMOON_FIRST) {
            return true;
        } else {
            // 如果版块不允许WebEdit控件发贴方式，则只有版主和总管理员才可用
            if (isManagerLogin(request) || isMasterLogin(request))
                return true;
        }
        return false;
    }

    public String LoadString(HttpServletRequest request, String key) {
        return SkinUtil.LoadString(request, "res.forum.Privilege", key);
    }

    /**
     * 检查用户能否进入版块
     * @param request HttpServletRequest
     * @param boardCode String
     * @return boolean
     * @throws ErrMsgException
     */
    public boolean checkCanEnterBoard(HttpServletRequest request, String boardCode) throws ErrMsgException {
        Leaf curleaf = new Leaf();
        curleaf = curleaf.getLeaf(boardCode);
        if (curleaf == null || !curleaf.isLoaded()) {
            throw new ErrMsgException(LoadString(request, "err_board_lost")); // "版块 " + boardCode + " 不存在！");
        }
        Privilege privilege = new Privilege();
        if (curleaf.isLocked()) {
            // 如果不是管理员
            if (!privilege.isMasterLogin(request)) {
                throw new ErrMsgException(LoadString(request, "err_board_locked"));
            }
        }

        // 检查是否可以进入版块
        EntranceMgr em = new EntranceMgr();
        Vector vEntrancePlugin = em.getAllEntranceUnitOfBoard(boardCode);
        if (vEntrancePlugin.size() > 0) {
            Iterator irpluginentrance = vEntrancePlugin.iterator();
            while (irpluginentrance.hasNext()) {
                EntranceUnit eu = (EntranceUnit) irpluginentrance.next();
                IPluginEntrance ipe = eu.getEntrance();
                ipe.canEnter(request, boardCode);
            }
        }
        return true;
    }

    public boolean canAddNew(HttpServletRequest request, String boardCode, FileUpload fu) throws ErrMsgException {
        checkCanEnterBoard(request, boardCode);
        if (isUserLogin(request)) {
            Config cfg = new Config();
            if (cfg.getBooleanProperty("forum.addUseValidateCode")) {
                if (isValidateCodeRight(request, fu))
                    return true;
                else
                    throw new ErrMsgException(LoadString(request, "err_validate_code"));
            }
            else
                return true;
        } else
            throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login"));
    }

    public boolean canAddReply(HttpServletRequest request, String boardCode, FileUpload fu) throws
            ErrMsgException {
        checkCanEnterBoard(request, boardCode);
        if (isUserLogin(request)) {
            Config cfg = new Config();
            if (cfg.getBooleanProperty("forum.addUseValidateCode")) {
                if (isValidateCodeRight(request, fu))
                    return true;
                else
                    throw new ErrMsgException(LoadString(request, "err_validate_code"));
            }
            else
                return true;
        } else
            throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login"));
    }

    public boolean canAddQuickReply(HttpServletRequest request,
                                    String boardcode, MsgDb remsg) throws
            ErrMsgException {
        checkCanEnterBoard(request, boardcode);
        if (!isUserLogin(request)) {
            throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login"));
        }
        Config cfg = new Config();
        if (cfg.getBooleanProperty("forum.addUseValidateCode")) {
            if (isValidateCodeRight(request))
                ;
            else
                throw new ErrMsgException(LoadString(request, "err_validate_code"));
        }
        // 插件的权限检查
        PluginMgr pm = new PluginMgr();
        Vector vplugin = pm.getAllPluginUnitOfBoard(boardcode);
        if (vplugin.size() > 0) {
            Iterator irplugin = vplugin.iterator();
            while (irplugin.hasNext()) {
                PluginUnit pu = (PluginUnit) irplugin.next();
                IPluginPrivilege ipp = pu.getPrivilege();
                if (ipp != null && !ipp.canAddQuickReply(request, remsg)) {
                    String s = LoadString(request, "err_plugin");
                    s = s.replaceFirst("\\$p", pu.getName(request));
                    throw new ErrMsgException(s);
                }
            }
        }
        return true;
    }

    public boolean canManage(HttpServletRequest request, long id) throws ErrMsgException {
        if (isMasterPrivValid(request, Priv.PRIV_FORUM_MESSAGE))
            return true;
        if (!isUserLogin(request))
            throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login"));

        String name = getUser(request);

        // 查询该贴所对应的版面
        MsgDb md = new MsgDb();
        md = md.getMsgDb(id);
        if (!md.isLoaded())
            return false;
        String boardcode = md.getboardcode();
        if (boardcode == null)
            return false;
        // 验证该贴是否为用户所写的博客
        if (md.isBlog()) {
            if (md.getName().equals(name))
                return true;
        }
        // 验证是否为版主
        BoardManagerDb bm = new BoardManagerDb();
        bm = bm.getBoardManagerDb(boardcode, name);
        if (bm.isLoaded()) {
            return true;
        }
        return false;
    }

    public boolean isManager(HttpServletRequest request, String boardCode) {
        if (!isUserLogin(request))
            return false;

        if (isMasterPrivValid(request, Priv.PRIV_FORUM_MESSAGE))
            return true;

        // 验证是否为版主
        BoardManagerDb bm = new BoardManagerDb();
        bm = bm.getBoardManagerDb(boardCode, getUser(request));
        if (bm.isLoaded()) {
            return true;
        }