📄 privilege.java
字号:
package com.redmoon.forum;import java.sql.*;import javax.servlet.http.HttpSession;import javax.servlet.http.HttpServletRequest;import cn.js.fan.util.*;import org.apache.log4j.Logger;import com.redmoon.forum.person.UserDb;import java.util.Iterator;import com.redmoon.forum.plugin.base.IPluginPrivilege;import java.util.Vector;import com.redmoon.forum.plugin.PluginUnit;import com.redmoon.forum.plugin.PluginMgr;import cn.js.fan.module.pvg.Priv;import cn.js.fan.security.SecurityUtil;import javax.servlet.http.HttpServletResponse;import com.redmoon.forum.person.WrongPasswordException;import java.util.Calendar;import com.redmoon.forum.life.prision.Prision;import com.redmoon.forum.person.InvalidNameException;import com.redmoon.forum.security.IPMonitor;import com.redmoon.forum.err.UserArrestedException;import com.redmoon.kit.util.FileUpload;import com.redmoon.forum.plugin.EntranceMgr;import com.redmoon.forum.plugin.EntranceUnit;import com.redmoon.forum.plugin.base.IPluginEntrance;import cn.js.fan.web.SkinUtil;import java.util.Locale;import com.redmoon.forum.person.UserPrivDb;import com.redmoon.forum.person.UserGroupDb;import com.redmoon.forum.person.UserGroupPrivDb;import com.cloudwebsoft.framework.util.LogUtil;import com.redmoon.forum.security.TimeConfig;import com.redmoon.blog.UserConfigDb;import com.redmoon.blog.BlogGroupUserDb;import com.redmoon.forum.plugin.base.IPluginScore;import com.redmoon.forum.plugin.ScoreUnit;import com.redmoon.forum.plugin.ScoreMgr;public class Privilege { Logger logger = Logger.getLogger(Privilege.class.getName()); boolean debug = false; public static final String MASTER = "sq_master"; public static final String USER_SYSTEM = "system"; public static final String COOKIE_CWBBS_AUTH = "cwbbs.auth"; public static final String SESSION_CWBBS_AUTH = "cwbbs.auth"; public static final int LOGIN_SAVE_NONE = 0; public static final int LOGIN_SAVE_DAY = 1; public static final int LOGIN_SAVE_MONTH = 2; public static final int LOGIN_SAVE_YEAR = 3; private final static int ENCODE_XORMASK = 0x5A; private final static char ENCODE_DELIMETER = '\002'; private final static char ENCODE_CHAR_OFFSET1 = 'A'; private final static char ENCODE_CHAR_OFFSET2 = 'h'; public Privilege() { } public boolean isRequestValid(HttpServletRequest request) throws SQLException { if (request.getRequestURL().indexOf(request.getServerName()) == -1) return false; else return true; } public static boolean isMasterLogin(HttpServletRequest request) { cn.js.fan.module.pvg.Privilege pvg = new cn.js.fan.module.pvg.Privilege(); if (pvg.isUserPrivValid(request, Priv.PRIV_ADMIN)) return true; if (pvg.isUserPrivValid(request, Priv.PRIV_FORUM)) return true; return false; } public boolean isMasterPrivValid(HttpServletRequest request, String priv) { cn.js.fan.module.pvg.Privilege pvg = new cn.js.fan.module.pvg.Privilege(); if (pvg.isUserPrivValid(request, Priv.PRIV_ADMIN)) return true; if (pvg.isUserPrivValid(request, Priv.PRIV_FORUM)) return true; if (pvg.isUserPrivValid(request, priv)) return true; return false; } public String getMaster(HttpServletRequest request) { HttpSession session = request.getSession(true); return (String) session.getAttribute(MASTER); } public boolean canWebEditRedMoon(HttpServletRequest request, String boardCode) { if (boardCode.equals(Leaf.CODE_BLOG)) return true; Leaf lf = new Leaf(); lf = lf.getLeaf(boardCode); if (lf == null || !lf.isLoaded()) return false; if (lf.getWebeditAllowType() == lf.WEBEDIT_ALLOW_TYPE_UBB_NORMAL_REDMOON || lf.getWebeditAllowType() == lf.WEBEDIT_ALLOW_TYPE_REDMOON_FIRST) { return true; } else { if (isManager(request, boardCode) || isMasterLogin(request)) return true; } return false; } public String LoadString(HttpServletRequest request, String key) { return SkinUtil.LoadString(request, "res.forum.Privilege", key); } public boolean checkCanEnterBoard(HttpServletRequest request, String boardCode) throws ErrMsgException { Leaf curleaf = new Leaf(); curleaf = curleaf.getLeaf(boardCode); if (curleaf == null || !curleaf.isLoaded()) { throw new ErrMsgException(LoadString(request, "err_board_lost")); } if (curleaf.isLocked()) { if (isMasterLogin(request) || isManager(request, boardCode)) { return true; } throw new ErrMsgException(LoadString(request, "err_board_locked")); } boolean isEntrancePluginBoard = false; boolean isEntranceAllowed = false; EntranceMgr em = new EntranceMgr(); Vector vEntrancePlugin = em.getAllEntranceUnitOfBoard(boardCode); if (vEntrancePlugin.size() > 0) { isEntrancePluginBoard = true; Iterator irpluginentrance = vEntrancePlugin.iterator(); while (irpluginentrance.hasNext()) { EntranceUnit eu = (EntranceUnit) irpluginentrance.next(); IPluginEntrance ipe = eu.getEntrance(); ipe.canEnter(request, boardCode); } isEntranceAllowed = true; } if (isEntrancePluginBoard) { if (isEntranceAllowed) return true; else { if (isMasterLogin(request) || isManager(request, boardCode)) { return true; } } } else { if (!canUserDo(request, boardCode, "enter_board")) { if (isManager(request, boardCode)) { return true; } else throw new ErrMsgException(SkinUtil.LoadString( request, "pvg_invalid")); } } return true; } public boolean checkCanPost(HttpServletRequest request, String boardCode) throws ErrMsgException { if (isMasterLogin(request) || isManager(request, boardCode)) { return true; } else { RegConfig rgc = new RegConfig(); int timeLimit = rgc.getIntProperty("newUserAddTopicTimeLimit"); if (timeLimit > 0) { UserDb ud = new UserDb(); ud = ud.getUser(getUser(request)); if (DateUtil.datediffMinute(new java.util.Date(), ud.getRegDate()) < timeLimit) { throw new ErrMsgException(StrUtil.format(LoadString(request, "err_new_user_add_topic_timelimit"), new Object[] {"" + timeLimit})); } } TimeConfig tc = new TimeConfig(); if (tc.isPostForbidden(request)) { throw new ErrMsgException(StrUtil.format(LoadString(request, "time_forbid_post"), new Object[] {tc.getProperty("forbidPostTime1"), tc.getProperty("forbidPostTime2")})); } } return true; } public boolean canVote(HttpServletRequest request, String boardCode) throws ErrMsgException { if (!canUserDo(request, boardCode, "vote")) throw new ErrMsgException(SkinUtil.LoadString(request, SkinUtil.PVG_INVALID)); return true; } public boolean canAddNew(HttpServletRequest request, String boardCode, FileUpload fu) throws ErrMsgException { checkCanEnterBoard(request, boardCode); checkCanPost(request, boardCode); Config cfg = Config.getInstance(); if (cfg.getBooleanProperty("forum.addUseValidateCode")) { if (isValidateCodeRight(request, fu)) return true; else throw new ErrMsgException(LoadString(request, "err_validate_code")); } EntranceMgr em = new EntranceMgr(); boolean isPluginEntranceValid = false; Vector vEntrancePlugin = em.getAllEntranceUnitOfBoard(boardCode); if (vEntrancePlugin.size() > 0) { Iterator irpluginentrance = vEntrancePlugin.iterator(); while (irpluginentrance.hasNext()) { EntranceUnit eu = (EntranceUnit) irpluginentrance.next(); IPluginEntrance ipe = eu.getEntrance(); ipe.canAddNew(request, boardCode); } isPluginEntranceValid = true; } if (isPluginEntranceValid) return true; if (!canUserDo(request, boardCode, "add_topic")) throw new ErrMsgException(StrUtil.UrlEncode(SkinUtil.LoadString( request, "pvg_invalid"))); String pluginCode = StrUtil.getNullString(fu.getFieldValue("pluginCode")); boolean isPluginValid = false; PluginMgr pm = new PluginMgr(); Vector vplugin = pm.getAllPluginUnitOfBoard(boardCode); if (vplugin.size() > 0) { Iterator irplugin = vplugin.iterator(); while (irplugin.hasNext()) { PluginUnit pu = (PluginUnit) irplugin.next(); IPluginPrivilege ipp = pu.getPrivilege(); if (!ipp.canAddNew(request, boardCode, fu)) { String str = SkinUtil.LoadString(request, "res.forum.MsgMgr", "err_pvg_plugin"); str = str.replaceFirst("\\$p", pu.getName(request)); throw new ErrMsgException(str); } if (!pluginCode.equals("")) if (pu.getCode().equals(pluginCode)) isPluginValid = true; } } if (!pluginCode.equals("") && !isPluginValid) { throw new ErrMsgException(LoadString(request, "err_plugin_invalid")); } return true; } public boolean canAddReply(HttpServletRequest request, String boardCode, FileUpload fu) throws ErrMsgException { checkCanEnterBoard(request, boardCode); checkCanPost(request, boardCode); Config cfg = Config.getInstance(); if (cfg.getBooleanProperty("forum.addUseValidateCode")) { if (!isValidateCodeRight(request, fu)) throw new ErrMsgException(LoadString(request, "err_validate_code")); } String strreplyid = StrUtil.getNullStr(fu.getFieldValue("replyid")); long replyid = StrUtil.toInt(strreplyid, -1); if (replyid == -1) throw new ErrMsgException(SkinUtil.LoadString(request, "res.forum.MsgMgr", "err_need_reply_id")); MsgDb msgReplied = new MsgDb(); msgReplied = msgReplied.getMsgDb(replyid); EntranceMgr em = new EntranceMgr(); boolean isPluginEntranceValid = false; Vector vEntrancePlugin = em.getAllEntranceUnitOfBoard(boardCode); if (vEntrancePlugin.size() > 0) { Iterator irpluginentrance = vEntrancePlugin.iterator(); while (irpluginentrance.hasNext()) { EntranceUnit eu = (EntranceUnit) irpluginentrance.next(); IPluginEntrance ipe = eu.getEntrance(); ipe.canAddReply(request, boardCode, msgReplied.getRootid()); } isPluginEntranceValid = true; } if (isPluginEntranceValid) return true; if (!canUserDo(request, boardCode, "reply_topic")) throw new ErrMsgException(StrUtil.UrlEncode(SkinUtil.LoadString( request, "pvg_invalid"))); PluginMgr pm = new PluginMgr(); Vector vplugin = pm.getAllPluginUnitOfBoard(boardCode); if (vplugin.size() > 0) { Iterator irplugin = vplugin.iterator(); while (irplugin.hasNext()) { PluginUnit pu = (PluginUnit) irplugin.next(); IPluginPrivilege ipp = pu.getPrivilege(); if (!ipp.canAddReply(request, boardCode, msgReplied.getRootid())) { String s = LoadString(request, "err_pvg_plugin"); s = s.replaceFirst("\\$p", pu.getName(request)); throw new ErrMsgException(s); } } } return true; } public boolean canAddQuickReply(HttpServletRequest request, String boardcode, MsgDb remsg) throws ErrMsgException { checkCanEnterBoard(request, boardcode); checkCanPost(request, boardcode); Config cfg = Config.getInstance(); if (cfg.getBooleanProperty("forum.addUseValidateCode")) { if (isValidateCodeRight(request)) ; else throw new ErrMsgException(LoadString(request, "err_validate_code")); } EntranceMgr em = new EntranceMgr(); boolean isPluginEntranceValid = false; Vector vEntrancePlugin = em.getAllEntranceUnitOfBoard(boardcode); if (vEntrancePlugin.size() > 0) { Iterator irpluginentrance = vEntrancePlugin.iterator(); while (irpluginentrance.hasNext()) { EntranceUnit eu = (EntranceUnit) irpluginentrance.next(); IPluginEntrance ipe = eu.getEntrance(); ipe.canAddReply(request, boardcode, remsg.getRootid()); } isPluginEntranceValid = true; } if (isPluginEntranceValid) return true; if (!canUserDo(request, boardcode, "reply_topic")) throw new ErrMsgException(StrUtil.UrlEncode(SkinUtil.LoadString( request, "pvg_invalid"))); PluginMgr pm = new PluginMgr(); Vector vplugin = pm.getAllPluginUnitOfBoard(boardcode); if (vplugin.size() > 0) { Iterator irplugin = vplugin.iterator(); while (irplugin.hasNext()) { PluginUnit pu = (PluginUnit) irplugin.next(); IPluginPrivilege ipp = pu.getPrivilege(); if (ipp != null && !ipp.canAddQuickReply(request, remsg)) { String s = LoadString(request, "err_plugin"); s = s.replaceFirst("\\$p", pu.getName(request)); throw new ErrMsgException(s); } } } return true; } public boolean canDel(HttpServletRequest request, long id) throws ErrMsgException { if (isMasterPrivValid(request, Priv.PRIV_FORUM_MESSAGE)) return true; if (!isUserLogin(request)) throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login")); MsgDb md = new MsgDb(); md = md.getMsgDb(id); if (!md.isLoaded()) return false;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -