📄 privilege.java
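// (Tail of a method whose beginning lies above this excerpt; code unchanged.)
        if (md.isBlog()) {
            UserConfigDb ucd = new UserConfigDb();
            ucd = ucd.getUserConfigDb(md.getBlogId());
            if (ucd.getType() == UserConfigDb.TYPE_GROUP) {
                if (BlogGroupUserDb.canUserDo(request, md.getBlogId(), BlogGroupUserDb.PRIV_TOPIC)) {
                    return true;
                }
            } else {
                if (ucd.getUserName().equals(getUser(request)))
                    return true;
            }
        }
        if (Config.getInstance().getBooleanProperty("forum.canUserDelTopicSelf")) {
            if (md.getName().equals(getUser(request)))
                return true;
        }
        return isUserHasManagerIdentity(request, md.getboardcode());
    }

    /**
     * Decides whether the current user may manage the message with the given id.
     *
     * @param request current HTTP request (identifies the user)
     * @param id      message id
     * @return true for a holder of the forum-message master privilege, or for a
     *         logged-in user who manages the message's board or one of its ancestors;
     *         false when not logged in or when the message cannot be loaded
     * @throws ErrMsgException declared by the signature; not thrown directly here
     */
    public boolean canManage(HttpServletRequest request, long id) throws ErrMsgException {
        if (isMasterPrivValid(request, Priv.PRIV_FORUM_MESSAGE))
            return true;
        if (!isUserLogin(request))
            return false;
        MsgDb md = new MsgDb();
        md = md.getMsgDb(id);
        // Fail closed: an unknown message id grants nothing.
        if (!md.isLoaded())
            return false;
        return isUserHasManagerIdentity(request, md.getboardcode());
    }

    /**
     * Decides whether the current user is a manager of the given board.
     *
     * @param request   current HTTP request (identifies the user)
     * @param boardCode board code
     * @return true for a holder of the forum-message master privilege, or for a
     *         logged-in user with a manager record on the board, the root, or an ancestor
     */
    public boolean isManager(HttpServletRequest request, String boardCode) {
        if (isMasterPrivValid(request, Priv.PRIV_FORUM_MESSAGE))
            return true;
        if (!isUserLogin(request))
            return false;
        return isUserHasManagerIdentity(request, boardCode);
    }

    /**
     * Single implementation of the manager lookup shared by
     * {@link #isUserHasManagerIdentity} and {@link #getUserManagerIdentityOfBoard},
     * so the two authorization answers cannot drift apart.
     *
     * Lookup order: the board itself, the root node, then each ancestor of the board.
     *
     * @return the first loaded manager record, or null when none exists
     */
    private BoardManagerDb lookupManagerIdentity(HttpServletRequest request, String boardCode) {
        String userName = getUser(request);
        BoardManagerDb bm = new BoardManagerDb();
        bm = bm.getBoardManagerDb(boardCode, userName);
        if (bm.isLoaded()) {
            return bm;
        }
        bm = bm.getBoardManagerDb(Leaf.CODE_ROOT, userName);
        if (bm.isLoaded()) {
            return bm;
        }
        Directory dir = new Directory();
        Leaf lf = dir.getLeaf(boardCode);
        // An unknown board code has no ancestors to inspect. Deny instead of
        // dereferencing null (the loop below already treats a null leaf as possible).
        if (lf == null) {
            return null;
        }
        String parentCode = lf.getParentCode();
        while (parentCode != null && !parentCode.equals(Leaf.CODE_ROOT)) {
            lf = dir.getLeaf(parentCode);
            if (lf == null)
                break;
            bm = bm.getBoardManagerDb(lf.getCode(), userName);
            if (bm.isLoaded())
                return bm;
            parentCode = lf.getParentCode();
        }
        return null;
    }

    /**
     * Reports whether the current user holds a manager record for the board,
     * the root node, or any ancestor of the board.
     *
     * Performs no login check of its own; it looks up whatever name
     * {@code getUser(request)} returns (the empty string when no session auth exists).
     *
     * @param request   current HTTP request
     * @param boardCode board code
     * @return true if a manager record was found; false otherwise, including for an
     *         unknown board code
     */
    public boolean isUserHasManagerIdentity(HttpServletRequest request, String boardCode) {
        return lookupManagerIdentity(request, boardCode) != null;
    }

    /**
     * Returns the manager record that makes the current user a manager of the board.
     *
     * @param request   current HTTP request
     * @param boardCode board code
     * @return the record found on the board, the root, or the nearest ancestor (in
     *         that order), or null when the user manages none of them
     */
    public BoardManagerDb getUserManagerIdentityOfBoard(HttpServletRequest request, String boardCode) {
        return lookupManagerIdentity(request, boardCode);
    }

    /**
     * Decides whether the current user may edit the given message.
     *
     * Board managers and the master may always edit. For blog messages the author, or
     * a member of a group blog holding PRIV_TOPIC, may edit. For forum messages the
     * author may edit when "forum.canUserEditTopicSelf" is enabled and the message is
     * younger than "forum.topicEditExpireMinute" minutes. Every plugin bound to the
     * board can veto the edit afterwards, whatever was decided before.
     *
     * @param request current HTTP request
     * @param md      message to be edited
     * @return true if editing is permitted
     * @throws ErrMsgException if the user is not logged in, if the author's edit window
     *         has expired, or if a plugin refuses the edit; checkCanEnterBoard is
     *         called as well and presumably throws when the board may not be entered
     */
    public boolean canEdit(HttpServletRequest request, MsgDb md) throws ErrMsgException {
        if (!isUserLogin(request))
            throw new ErrMsgException(SkinUtil.LoadString(request, "err_not_login"));
        String boardcode = md.getboardcode();
        checkCanEnterBoard(request, boardcode);

        String name = getUser(request);
        String username = md.getName();
        boolean valid = false;
        if (isUserHasManagerIdentity(request, boardcode) || isMasterLogin(request)) {
            valid = true;
        } else if (md.isBlog()) {
            if (username.equals(name)) {
                valid = true;
            } else {
                UserConfigDb ucd = new UserConfigDb();
                ucd = ucd.getUserConfigDb(md.getBlogId());
                if (ucd.getType() == UserConfigDb.TYPE_GROUP
                        && BlogGroupUserDb.canUserDo(request, md.getBlogId(), BlogGroupUserDb.PRIV_TOPIC)) {
                    valid = true;
                }
            }
        } else {
            Config cfg = Config.getInstance();
            if (cfg.getBooleanProperty("forum.canUserEditTopicSelf") && username.equals(name)) {
                int minute = cfg.getIntProperty("forum.topicEditExpireMinute");
                // NOTE(review): a negative value leaves valid == false, i.e. the author
                // cannot edit at all. Confirm this is intended and not "no expiry".
                if (minute >= 0) {
                    if (DateUtil.datediffMinute(new java.util.Date(), md.getAddDate()) < minute) {
                        valid = true;
                    } else {
                        throw new ErrMsgException(StrUtil.format(
                                LoadString(request, "info_topic_edit_expire"),
                                new Object[] {"" + minute}));
                    }
                }
            }
        }

        // Plugin veto: runs even when the checks above already granted access.
        PluginMgr pm = new PluginMgr();
        Vector vplugin = pm.getAllPluginUnitOfBoard(boardcode);
        if (vplugin.size() > 0) {
            Iterator irplugin = vplugin.iterator();
            while (irplugin.hasNext()) {
                PluginUnit pu = (PluginUnit) irplugin.next();
                IPluginPrivilege ipp = pu.getPrivilege();
                if (ipp != null && !ipp.canEdit(request, md)) {
                    String s = LoadString(request, "err_plugin");
                    s = s.replaceFirst("\\$p", pu.getName(request));
                    throw new ErrMsgException(s);
                }
            }
        }
        return valid;
    }

    /**
     * Reports whether the request belongs to a logged-in (non-guest) user, and
     * performs an automatic login from the persistent auth cookie when the session
     * holds no such user.
     *
     * Side effects on a successful cookie login: stores a new Authorization (and the
     * user's locale, when set) in the session, refreshes or creates the online-user
     * record, and updates the user's last-visit time and IP.
     *
     * NOTE(review): the cookie is accepted when its second field equals the stored
     * password MD5, so the cookie value is a password-equivalent credential that stays
     * valid until the password changes. The comparison is a plain String.equals, not a
     * constant-time one. Confirm how encodeCookie protects the value and whether the
     * cookie is set with Secure/HttpOnly; neither is visible here.
     *
     * @param request current HTTP request
     * @return true if a non-guest user is, or has just been, authenticated
     */
    public static boolean isUserLogin(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        Authorization auth = (Authorization) session.getAttribute(SESSION_CWBBS_AUTH);
        if (auth != null && !auth.isGuest()) {
            return true;
        }

        CookieBean cookiebean = new CookieBean();
        String c = cookiebean.getCookieValue(request, COOKIE_CWBBS_AUTH);
        if (c == null || c.equals(""))
            return false;

        // The cookie is attacker-controlled: reject anything that does not decode
        // into both expected fields instead of indexing past the end of the array.
        String[] ck = decodeCookie(c);
        if (ck == null || ck.length < 2)
            return false;
        String userName = ck[0];
        String pwdMD5 = ck[1];

        UserDb ud = new UserDb();
        ud = ud.getUser(userName);
        if (!ud.isLoaded())
            return false;
        // Null-safe form of the original comparison; a missing hash never matches.
        if (pwdMD5 == null || !pwdMD5.equals(ud.getPwdMd5()))
            return false;

        Prision prision = new Prision();
        if (prision.isUserArrested(userName)) {
            return false;
        }

        auth = new Authorization(userName, false);
        session.setAttribute(SESSION_CWBBS_AUTH, auth);

        String mylocale = ud.getLocale();
        if (!mylocale.equals("")) {
            String[] ary = StrUtil.split(mylocale, "_");
            if (ary != null && ary.length == 2) {
                Locale locale = new Locale(ary[0], ary[1]);
                session.setAttribute(SkinUtil.SESSION_LOCALE, locale);
            }
        }

        OnlineUserDb ou = new OnlineUserDb();
        ou = ou.getOnlineUserDb(userName);
        ou.setStayTime(new java.util.Date());
        if (ou.isLoaded()) {
            ou.save();
        } else {
            ou.setName(auth.getName());
            // NOTE(review): the online record takes StrUtil.getIp(request) while the
            // user record below takes request.getRemoteAddr(); confirm which source
            // is authoritative if the IP is used for any access decision.
            ou.setIp(StrUtil.getIp(request));
            ou.setGuest(false);
            try {
                ou.create();
            } catch (ErrMsgException e) {
                // Best effort: failing to record presence must not block the login.
                Logger.getLogger(Privilege.class.getName()).error("isUserLogin:" + e.getMessage());
            }
        }

        ud.setLastTime(ud.getCurTime());
        ud.setCurTime();
        ud.setIp(request.getRemoteAddr());
        ud.save();
        return true;
    }

    /**
     * Reports whether the session's Authorization marks the visitor as a guest.
     *
     * @return false when the session holds no Authorization at all
     */
    public static boolean isGuest(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        Authorization auth = (Authorization) session.getAttribute(SESSION_CWBBS_AUTH);
        if (auth == null)
            return false;
        return auth.isGuest();
    }

    /**
     * Returns the name held by the session's Authorization.
     *
     * The name is returned for guests too; callers that need an authenticated user
     * must check isUserLogin separately.
     *
     * @return the name, or the empty string when the session holds no Authorization
     */
    public static String getUser(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        Authorization auth = (Authorization) session.getAttribute(SESSION_CWBBS_AUTH);
        if (auth == null)
            return "";
        else
            return auth.getName();
    }

    /**
     * Reports whether the current user still has attachment disk quota left.
     *
     * @return false when the allowed disk space is less than or equal to the used space
     */
    public static boolean canUploadAttachment(HttpServletRequest request) {
        UserDb ud = new UserDb();
        ud = ud.getUser(getUser(request));
        if (ud.getDiskSpaceAllowed() <= ud.getDiskSpaceUsed())
            return false;
        return true;
    }

    /**
     * Logs a user out: removes the session Authorization, deletes the persistent auth
     * cookie on path "/", and deletes the user's online record.
     *
     * @param userName name whose online record is deleted
     * @return the result of deleting the online record, or false when none was loaded
     */
    public static boolean doLogout(HttpServletRequest req, HttpServletResponse res, String userName) {
        HttpSession session = req.getSession(true);
        session.removeAttribute(SESSION_CWBBS_AUTH);
        CookieBean cookiebean = new CookieBean();
        cookiebean.delCookie(res, COOKIE_CWBBS_AUTH, "/");
        OnlineUserDb ou = new OnlineUserDb();
        ou = ou.getOnlineUserDb(userName);
        if (ou.isLoaded()) {
            return ou.del();
        }
        return false;
    }

    /**
     * Logs out the user of the current session; see doLogout.
     */
    public boolean logout(HttpServletRequest req, HttpServletResponse res) throws ErrMsgException {
        return doLogout(req, res, getUser(req));
    }

    // doLogin continues past the end of this excerpt; its code is reproduced unchanged
    // and only review comments are added.
    public boolean doLogin(HttpServletRequest req, HttpServletResponse res, UserDb user) throws ErrMsgException {
        String oldname = getUser(req);
        boolean isvalid = false;
        String strcovered = ParamUtil.get(req, "covered");
        int covered = 0;
        if (strcovered.equals(""))
            strcovered = "0";
        // NOTE(review): a non-numeric "covered" parameter makes parseInt throw an
        // unchecked NumberFormatException out of the login path.
        covered = Integer.parseInt(strcovered);
        user.setLastTime(user.getCurTime());
        user.setCurTime();
        user.setIp(req.getRemoteAddr());
        isvalid = user.save();
        if (isvalid) {
            OnlineUserDb oud = new OnlineUserDb();
            if (Privilege.isGuest(req)) {
                oud = oud.getOnlineUserDb(oldname);
                if (oud.isLoaded()) {
                    oud.del();
                }
            }
            oud = oud.getOnlineUserDb(user.getName());
            if (oud.isLoaded()) {
                oud.setCovered(covered == 1 ? true : false);
                oud.save();
            } else {
                oud.setName(user.getName());
                oud.setIp(req.getRemoteAddr());
                oud.setCovered(covered == 1 ? true : false);
                oud.setGuest(false);
                oud.create();
            }
            ScoreMgr sm = new ScoreMgr();
            Vector vatt = sm.getAllScore();
            Iterator iratt = vatt.iterator();
            while (iratt.hasNext()) {
                ScoreUnit su = (ScoreUnit) iratt.next();
                IPluginScore ips = su.getScore();
                if (ips != null)
                    ips.login(user);
            }
            // NOTE(review): the pre-login session is reused as-is; confirm the session
            // id is rotated somewhere on login so a pre-set id cannot be carried over.
            HttpSession session = req.getSession(true);
            Authorization auth = new Authorization(user.getName(), false);
            session.setAttribute(SESSION_CWBBS_AUTH, auth);
            String mylocale = user.getLocale();
            if (!mylocale.equals("")) {
                String[] ary = StrUtil.split(mylocale, "_");
                if (ary!=null && ary.length==2) {
                    Locale locale = new Locale(ary[0], ary[1]);
                    session.setAttribute(SkinUtil.SESSION_LOCALE, locale);
                }
            }
            int loginSaveDate = LOGIN_SAVE_NONE;
            try {
                loginSaveDate = ParamUtil.getInt(req, "loginSaveDate");
            } catch (Exception e) {
                // A missing or malformed value keeps LOGIN_SAVE_NONE.
            }
            int maxAge = -1;
            if (loginSaveDate == LOGIN_SAVE_NONE)
                maxAge = -1;
            else if (loginSaveDate == LOGIN_SAVE_DAY)
                maxAge = 60 * 60 * 24;
            else if (loginSaveDate == LOGIN_SAVE_MONTH)
                maxAge = 60 * 60 * 24 * 30;
            else if (loginSaveDate == LOGIN_SAVE_YEAR)
                maxAge = 60 * 60 * 24 * 365;
            // NOTE(review): the persistent cookie is built from the user name and the
            // stored password MD5, so anyone who obtains the cookie (or the stored
            // hash) can log in until the password is changed. A random, server-side
            // revocable token would avoid putting a password-derived value on the client.
            String c = encodeCookie(user.getName(), user.getPwdMd5());
            CookieBean.addCookie(res, COOKIE_CWBBS_AUTH, c, "/", maxAge);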