📄 sdbms.cpp
字号:
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出表名
nTableCount = ParseStrings(strTableNames, strTableName);
for (int i=0; i<nUserCount; i++)
for (int j=0; j<nTableCount; j++)
DoSetCurrentSecurityLevel(strUserName[i], strTableName[j], *pSecLevel);
return TRUE;
}
/**********************************************************************
功能:准备设置表安全级
***********************************************************************/
BOOL CSdbms::PreSetTableSecurityLevel(CSdbms_SecurityLevel *pSecLevel,CString strTableNames)
{
int nTableCount = 0;
CString strTableName[100];
//从字符串中分解出表名
nTableCount = ParseStrings(strTableNames, strTableName);
for (int i=0; i<nTableCount; i++)
DoSetTableSecurityLevel(strTableName[i], *pSecLevel);
return TRUE;
}
/**********************************************************************
功能:准备创建新表
***********************************************************************/
BOOL CSdbms::PreCreateTable(CString strTableName, UINT nColsCount, CSdbms_Cols *pCSdbms_Cols,
CString strKeyColNames, CSdbms_SecurityLevel *pSecLevel/*=NULL*/)
{
ASSERT(!strTableName.IsEmpty());
ASSERT(nColsCount > 0);
ASSERT(pCSdbms_Cols);
int nKeyCount = 0;
CString strKeyColName[100];
//从字符串中分解出关键字
nKeyCount = ParseStrings(strKeyColNames, strKeyColName);
for (int i=0; i<nKeyCount; i++)
{
for (UINT j=0; j<nColsCount; j++)
{
if (strKeyColName[i].CompareNoCase(pCSdbms_Cols[j].m_strFieldName) == 0)
{
pCSdbms_Cols[j].m_bKey = TRUE;
pCSdbms_Cols[j].m_bCanNull = FALSE;
break;
}
}
if (j == nColsCount) //没有该关键字属性
{
sprintf(g_strMsg, "%s不是表%s中的属性", strKeyColName[i], strTableName);
g_msg.ThrowErrorMsg(g_strMsg);
}
}
return DoCreateTable(strTableName, nColsCount, pCSdbms_Cols, pSecLevel);
}
/**********************************************************************
功能:准备删除表
***********************************************************************/
BOOL CSdbms::PreDropTable(CString strTableNames)
{
ASSERT(!strTableNames.IsEmpty());
int nTableCount = 0;
CString strTableName[100];
//从字符串中分解出表名
nTableCount = ParseStrings(strTableNames, strTableName);
for (int i=0; i<nTableCount; i++)
DoDropTable(strTableName[i]);
return TRUE;
}
/**********************************************************************
功能:准备INSERT记录
***********************************************************************/
BOOL CSdbms::PreInsert(CString strTableName, CString strFieldNames, UINT nValuesCount, CSdbms_Values *pValues)
{
ASSERT(!strTableName.IsEmpty());
ASSERT(!strFieldNames.IsEmpty());
ASSERT(nValuesCount > 0);
ASSERT(pValues);
int nKeyCount = 0;
CString strFieldName[100];
//从字符串中分解出关键字
nKeyCount = ParseStrings(strFieldNames, strFieldName);
return DoInsert(strTableName, nKeyCount, strFieldName, nValuesCount, pValues);
}
/**********************************************************************
功能:准备UPDATE记录
***********************************************************************/
BOOL CSdbms::PreUpdate(CString strTableName, CString strFieldNames, UINT nValuesCount, CSdbms_Values *pValues, CSdbms_Condition *pCondition/*=NULL*/)
{
ASSERT(!strTableName.IsEmpty());
ASSERT(!strFieldNames.IsEmpty());
ASSERT(nValuesCount > 0);
ASSERT(pValues);
int nKeyCount = 0;
CString strFieldName[100];
//从字符串中分解出关键字
nKeyCount = ParseStrings(strFieldNames, strFieldName);
return DoUpdate(strTableName, nKeyCount, strFieldName, nValuesCount, pValues, pCondition);
}
/**********************************************************************
功能:准备SELECT记录
***********************************************************************/
BOOL CSdbms::PreSelect(UINT nExprCount, CSdbms_Express **ppExpr, CString strTableNames,
CSdbms_Condition *pCondition, UINT nOrderCount, CSdbms_OrderList *pOrder, CSdbms_SecurityLevel *pSecLevel)
{
ASSERT(!strTableNames.IsEmpty());
int nTableCount = 0;
CString strTableName[100];
//从字符串中分解出表名
nTableCount = ParseStrings(strTableNames, strTableName);
return DoSelect(nExprCount, ppExpr, nTableCount, strTableName,
pCondition, nOrderCount, pOrder, pSecLevel);
}
/**********************************************************************
功能:准备审计设置1
***********************************************************************/
BOOL CSdbms::PreAudit1(CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0;
CString strUserName[100], strRoleName[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRoleCount = ParseStrings(strRoleNames, strRoleName);
for (int i=0; i<nUserCount; i++)
DoAuditUser(strUserName[i]);
for (int j=0; j<nRoleCount; j++)
DoAuditRole(strRoleName[j]);
return TRUE;
}
/**********************************************************************
功能:准备审计设置2
***********************************************************************/
BOOL CSdbms::PreAudit2(CString strObjectRights, CString strTableName, CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0, nRightCount=0;
CString strUserName[100], strRoleName[100], strObjectRight[100];
ObjectRight nObjectRight[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRoleCount = ParseStrings(strRoleNames, strRoleName);
//从字符串中分解出权限
nRightCount = ParseStrings(strObjectRights, strObjectRight);
for (int i=0; i<nRightCount; i++)
{
nObjectRight[i] = (ObjectRight)atoi(strObjectRight[i]);
for (int k=0; k<nUserCount; k++)
DoAuditUser(nObjectRight[i], strUserName[k], strTableName);
for (k=0; k<nRoleCount; k++)
DoAuditRole(nObjectRight[i], strRoleName[k], strTableName);
}
return TRUE;
}
/**********************************************************************
功能:准备审计设置3
***********************************************************************/
BOOL CSdbms::PreAudit3(CString strSystemRights, CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0, nRightCount=0;
CString strUserName[100], strRoleName[100], strSystemRight[100];
SystemRight nSystemRight[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRoleCount = ParseStrings(strRoleNames, strRoleName);
//从字符串中分解出权限
nRightCount = ParseStrings(strSystemRights, strSystemRight);
for (int i=0; i<nRightCount; i++)
{
nSystemRight[i] = (SystemRight)atoi(strSystemRight[i]);
for (int j=0; j<nUserCount; j++)
DoAuditUser(nSystemRight[i], strUserName[j]);
for (j=0; j<nRoleCount; j++)
DoAuditRole(nSystemRight[i], strRoleName[j]);
}
return TRUE;
}
/**********************************************************************
功能:准备取消审计设置1
***********************************************************************/
BOOL CSdbms::PreNoaudit1(CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0;
CString strUserName[100], strRoleName[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRoleCount = ParseStrings(strRoleNames, strRoleName);
for (int i=0; i<nUserCount; i++)
DoNoauditUser(strUserName[i]);
for (int j=0; j<nRoleCount; j++)
DoNoauditRole(strRoleName[j]);
return TRUE;
}
/**********************************************************************
功能:准备取消审计设置2
***********************************************************************/
BOOL CSdbms::PreNoaudit2(CString strObjectRights, CString strTableName, CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0, nRightCount=0;
CString strUserName[100], strRoleName[100], strObjectRight[100];
ObjectRight nObjectRight[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRoleCount = ParseStrings(strRoleNames, strRoleName);
//从字符串中分解出权限
nRightCount = ParseStrings(strObjectRights, strObjectRight);
for (int i=0; i<nRightCount; i++)
{
nObjectRight[i] = (ObjectRight)atoi(strObjectRight[i]);
for (int k=0; k<nUserCount; k++)
DoNoauditUser(nObjectRight[i], strUserName[k], strTableName);
for (k=0; k<nRoleCount; k++)
DoNoauditRole(nObjectRight[i], strRoleName[k], strTableName);
}
return TRUE;
}
/**********************************************************************
功能:准备取消审计设置3
***********************************************************************/
BOOL CSdbms::PreNoaudit3(CString strSystemRights, CString strUserNames, CString strRoleNames)
{
int nUserCount=0, nRoleCount=0, nRightCount=0;
CString strUserName[100], strRoleName[100], strSystemRight[100];
SystemRight nSystemRight[100];
//从字符串中分解出用户
nUserCount = ParseStrings(strUserNames, strUserName);
//从字符串中分解出角色名
nRightCount = ParseStrings(strRoleNames, strRoleName);
//从字符串中分解出权限
nRightCount = ParseStrings(strSystemRights, strSystemRight);
for (int i=0; i<nRightCount; i++)
{
nSystemRight[i] = (SystemRight)atoi(strSystemRight[i]);
for (int j=0; j<nUserCount; j++)
DoNoauditUser(nSystemRight[i], strUserName[j]);
for (j=0; j<nRoleCount; j++)
DoNoauditRole(nSystemRight[i], strRoleName[j]);
}
return TRUE;
}
/**********************************************************************
功能:连接数据库
算法:检查用户名、口令、数据库名是否正确,以及用户是否在该数据库上有登录权限
***********************************************************************/
BOOL CSdbms::DoConnectDB(CString strUserName, CString strPassword, CString strDBName/*=""*/)
{
ASSERT(!strUserName.IsEmpty() && !strPassword.IsEmpty()); //数据库名可以为空
CSdbms_User *pUser = NULL;
CSdbms_Database *pDB = NULL;
if (!GetUser(strUserName, &pUser)) //检查用户名
{
sprintf(g_strMsg, "用户名%s不正确", strUserName);
g_msg.ThrowErrorMsg(g_strMsg);
return FALSE;
}
sprintf(g_strMsg, "用户名%s正确", strUserName);
g_msg.ThrowSuccessMsg(g_strMsg);
if (!strPassword.Compare(pUser->m_strPassword) == 0) //检查口令
{
g_msg.ThrowErrorMsg("口令不正确");
return FALSE;
}
g_msg.ThrowSuccessMsg("口令正确");
if (strDBName.IsEmpty())/* //DBA用户和DBSA用户可以不连接到数据库上而只登录系统*/
{
// if (IsOwnDbaRole(pUser->m_nUserID) || IsOwnDbsaRole(pUser->m_nUserID))
// {
sprintf(g_strMsg, "用户%s成功登录系统", strUserName);
g_msg.ThrowSuccessMsg(g_strMsg);
m_pCurUser = pUser;
m_pCurDB = NULL;
return TRUE;
// }
// else
// {
// g_msg.ThrowErrorMsg("数据库名不应为空");
// return FALSE;
// }
}
if (!GetDatabase(strDBName, &pDB)) //检查数据库名
{
sprintf(g_strMsg, "数据库%s不存在", strDBName);
g_msg.ThrowErrorMsg(g_strMsg);
return FALSE;
}
sprintf(g_strMsg, "数据库名%s正确", strDBName);
g_msg.ThrowSuccessMsg(g_strMsg);
//判断当前用户是否有权连接到一个数据库上
if (!HaveSystemRight(SR_CONNECT_DATABASE, pUser, pDB))
return FALSE;
sprintf(g_strMsg, "用户%s成功连接到数据库%s上", strUserName, strDBName);
g_msg.ThrowSuccessMsg(g_strMsg);
m_pCurUser = pUser;
m_pCurDB = pDB;
if (!pDB->m_bInit)
pDB->Init();
return TRUE;
}
/**********************************************************************
功能:创建数据库
***********************************************************************/
BOOL CSdbms::DoCreateDatabase(CString strDatabaseName)
{
ASSERT(m_pCurUser);
//审计
BOOL bAuditSuccess = m_audit.Audit(m_pCurUser, SR_CREATE_DATABASE, m_pCurDB);
//判断当前用户是否有权执行Create Database命令
if (!HaveSystemRight(SR_CREATE_DATABASE, m_pCurUser, NULL))
return FALSE;
CSdbms_Database *pTemp;
if (GetDatabase(strDatabaseName, &pTemp)) //检查数据库名是否已存在
{
sprintf(g_strMsg, "数据库%s已存在", strDatabaseName);
g_msg.ThrowErrorMsg(g_strMsg);
return FALSE;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -