| 2 |
* |
* |
| 3 |
* $Revision$ |
* $Revision$ |
| 4 |
* $Log$ |
* $Log$ |
| 5 |
|
* Revision 1.68 2005/02/21 05:46:18 tani |
| 6 |
|
* getItemCountを追加. |
| 7 |
|
* dumpItemID, getItemsの問合せを高速化. |
| 8 |
|
* |
| 9 |
* Revision 1.67 2005/02/19 02:06:11 tani |
* Revision 1.67 2005/02/19 02:06:11 tani |
| 10 |
* 承認状態の権限チェックに作成者を追加. |
* 承認状態の権限チェックに作成者を追加. |
| 11 |
* |
* |
| 3388 |
string sql; |
string sql; |
| 3389 |
string where; |
string where; |
| 3390 |
item_t* dst = new item_t[ iidsLen ]; |
item_t* dst = new item_t[ iidsLen ]; |
| 3391 |
|
userid_t uid; |
| 3392 |
sql = "SELECT item_id, item_type_id, title, keywords, description, doi, uid, creation_date, last_update_date, publication_year, publication_month, publication_mday "; |
|
| 3393 |
sql += "FROM " + dbprefix + "_xnpaccount_item_basic "; |
ret = sessionID2UID( sid, &uid ); |
| 3394 |
if( iidsLen > 0 ){ |
if( ret != RES_OK ) return ret; |
| 3395 |
int i; |
|
| 3396 |
for( i = 0; i < iidsLen; i++ ){ |
where = string( unsignedIntToString( iids[ 0 ] ) ); |
| 3397 |
if( getItemPermission( sid, iids[ i ], item::OP_READ ) ){ |
for( int i = 1; i < iidsLen; i++ ){ |
| 3398 |
where = string( unsignedIntToString( iids[ i ] ) ); |
where = string( unsignedIntToString( iids[ i ] ) ) + ", " + where; |
|
break; |
|
|
} |
|
|
} |
|
|
for( ; i < iidsLen; i++ ){ |
|
|
if( getItemPermission( sid, iids[ i ], item::OP_READ ) ) |
|
|
where = string( unsignedIntToString( iids[ i ] ) ) + ", " + where; |
|
|
} |
|
|
if( where.length() > 0 ) |
|
|
sql += "WHERE item_id IN (" + where + " ) "; |
|
|
else{ |
|
|
//no items can be retrieve. |
|
|
*items = new item_t[ 0 ]; |
|
|
*itemsLen = 0; |
|
|
return RES_OK; |
|
|
} |
|
| 3399 |
} |
} |
| 3400 |
|
|
| 3401 |
|
sql = "SELECT DISTINCT ti.item_id as item_id, item_type_id, title, keywords, description, doi, ti.uid as uid, creation_date, last_update_date, publication_year, publication_month, publication_mday "; |
| 3402 |
|
sql+= " FROM " + dbprefix + "_xnpaccount_index_item_link AS tlink"; |
| 3403 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_index AS tx ON tlink.index_id = tx.index_id"; |
| 3404 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_item_basic AS ti ON tlink.item_id = ti.item_id"; |
| 3405 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_groups_users_link as tgulink ON tx.gid=tgulink.gid"; |
| 3406 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_config AS tc ON tc.name=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_KEY "\" LEFT JOIN "; |
| 3407 |
|
sql+= dbprefix + "_xnpaccount_session AS tsess ON tsess.uid=" + unsignedIntToString( uid ); |
| 3408 |
|
sql+= " AND tsess.sid=" + unsignedIntToString( sid ); |
| 3409 |
|
sql+= " WHERE ( tc.value=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3410 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NULL"; |
| 3411 |
|
sql+= " OR tc.value!=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3412 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NOT NULL"; |
| 3413 |
|
sql+= " OR tgulink.uid=" + unsignedIntToString( uid ); |
| 3414 |
|
sql+= " OR tx.open_level=" + unsignedIntToString( index::OL_PRIVATE ); |
| 3415 |
|
sql+= " AND tx.uid=" + unsignedIntToString( uid ); |
| 3416 |
|
sql+= " OR tx.uid IS NULL "; |
| 3417 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ); |
| 3418 |
|
sql+= string( isModerator( sid, uid ) ? " OR 1" : " OR 0" ); //モデレータならOR 1,それ以外は OR 0 |
| 3419 |
|
sql+= ") AND tlink.item_id IN (" + where + ")"; |
| 3420 |
sql += criteria2str( cri ); |
sql += criteria2str( cri ); |
| 3421 |
|
|
| 3422 |
syslog_printf( "\nsql at %d=%s", __LINE__, sql.c_str() ); |
syslog_printf( "\nsql at %d=%s", __LINE__, sql.c_str() ); |
| 3477 |
|
|
| 3478 |
/** |
/** |
| 3479 |
* |
* |
| 3480 |
|
* Readアクセス可能なアイテムの数をかえす |
| 3481 |
|
* 失敗したときは0をかえします. |
| 3482 |
|
* |
| 3483 |
|
* @param sid セッションID |
| 3484 |
|
* @return count アイテム数 |
| 3485 |
|
* |
| 3486 |
|
*/ |
| 3487 |
|
unsigned int getItemCount( sessionid_t sid ) |
| 3488 |
|
{ |
| 3489 |
|
if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED; |
| 3490 |
|
if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION; |
| 3491 |
|
|
| 3492 |
|
result_t ret = RES_ERROR; |
| 3493 |
|
string sql; |
| 3494 |
|
string where; |
| 3495 |
|
userid_t uid; |
| 3496 |
|
unsigned int count; |
| 3497 |
|
|
| 3498 |
|
ret = sessionID2UID( sid, &uid ); |
| 3499 |
|
if( ret != RES_OK ) return 0; |
| 3500 |
|
|
| 3501 |
|
sql = "SELECT count(DISTINCT ti.item_id)"; |
| 3502 |
|
sql+= " FROM " + dbprefix + "_xnpaccount_index_item_link AS tlink"; |
| 3503 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_index AS tx ON tlink.index_id = tx.index_id"; |
| 3504 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_item_basic AS ti ON tlink.item_id = ti.item_id"; |
| 3505 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_groups_users_link as tgulink ON tx.gid=tgulink.gid"; |
| 3506 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_config AS tc ON tc.name=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_KEY "\" LEFT JOIN "; |
| 3507 |
|
sql+= dbprefix + "_xnpaccount_session AS tsess ON tsess.uid=" + unsignedIntToString( uid ); |
| 3508 |
|
sql+= " WHERE ( tc.value=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3509 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NULL"; |
| 3510 |
|
sql+= " OR tc.value!=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3511 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NOT NULL"; |
| 3512 |
|
sql+= " OR tgulink.uid=" + unsignedIntToString( uid ); |
| 3513 |
|
sql+= " OR tx.open_level=" + unsignedIntToString( index::OL_PRIVATE ); |
| 3514 |
|
sql+= " AND tx.uid=" + unsignedIntToString( uid ); |
| 3515 |
|
sql+= " OR tx.uid IS NULL "; |
| 3516 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ); |
| 3517 |
|
sql+= string( isModerator( sid, uid ) ? " OR 1" : " OR 0" ); //モデレータならOR 1,それ以外は OR 0 |
| 3518 |
|
sql+= ") "; |
| 3519 |
|
ret = queryGetUnsignedInt( "getItemCount", sql, (unsigned int*)&count ); |
| 3520 |
|
|
| 3521 |
|
if( ret != RES_OK ) return 0; |
| 3522 |
|
|
| 3523 |
|
return count; |
| 3524 |
|
} |
| 3525 |
|
/** |
| 3526 |
|
* |
| 3527 |
* アイテムIDの一覧取得. |
* アイテムIDの一覧取得. |
| 3528 |
* アクセス可能なアイテムのIDを返す. |
* アクセス可能なアイテムのIDを返す. |
| 3529 |
* |
* |
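Review bot: In the added getItemCount, the two guards at the top return `RES_DB_NOT_INITIALIZED` and `RES_NO_SUCH_SESSION` through an `unsigned int` return type, so the caller receives a result code as if it were an item count. The doc comment says the function returns 0 on failure, and the later failure paths do, so both guards should read `if( hdbc == NULL ) return 0;` and `if( !isValidSessionID( sid ) ) return 0;`. The local `where` is declared but never used, and the `(unsigned int*)` cast on `&count` is redundant because `count` is already `unsigned int`. The visibility predicate built here is repeated in the neighbouring query hunks (gutter lines 3401–3419 and 3571–3588), and only the first of those joins the session table on `tsess.sid` as well as `tsess.uid`. Since this WHERE clause is the access-control check, it would be safer to build it in one shared helper, with a comment spelling out the intended AND/OR grouping.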
| 3549 |
SQLLEN count = 0; |
SQLLEN count = 0; |
| 3550 |
string sql; |
string sql; |
| 3551 |
itemid_t* dst = 0; |
itemid_t* dst = 0; |
| 3552 |
|
userid_t uid; |
| 3553 |
|
|
| 3554 |
|
/* |
| 3555 |
sql = "SELECT item_id"; |
sql = "SELECT item_id"; |
| 3556 |
sql += " FROM " + dbprefix + "_xnpaccount_item_basic"; |
sql += " FROM " + dbprefix + "_xnpaccount_item_basic"; |
| 3557 |
sql += " WHERE item_type_id!=" + unsignedIntToString( item::ITID_INDEX ); |
sql += " WHERE item_type_id!=" + unsignedIntToString( item::ITID_INDEX ); |
| 3564 |
} |
} |
| 3565 |
} |
} |
| 3566 |
sql += criteria2str( c ); |
sql += criteria2str( c ); |
| 3567 |
|
*/ |
| 3568 |
|
ret = sessionID2UID( sid, &uid ); |
| 3569 |
|
if( ret != RES_OK ) return ret; |
| 3570 |
|
|
| 3571 |
|
sql = "SELECT DISTINCT ti.item_id as item_id"; |
| 3572 |
|
sql+= " FROM " + dbprefix + "_xnpaccount_index_item_link AS tlink"; |
| 3573 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_index AS tx ON tlink.index_id = tx.index_id"; |
| 3574 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_item_basic AS ti ON tlink.item_id = ti.item_id"; |
| 3575 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_groups_users_link as tgulink ON tx.gid=tgulink.gid"; |
| 3576 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_config AS tc ON tc.name=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_KEY "\" LEFT JOIN "; |
| 3577 |
|
sql+= dbprefix + "_xnpaccount_session AS tsess ON tsess.uid=" + unsignedIntToString( uid ); |
| 3578 |
|
sql+= " WHERE ( tc.value=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3579 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NULL"; |
| 3580 |
|
sql+= " OR tc.value!=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 3581 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NOT NULL"; |
| 3582 |
|
sql+= " OR tgulink.uid=" + unsignedIntToString( uid ); |
| 3583 |
|
sql+= " OR tx.open_level=" + unsignedIntToString( index::OL_PRIVATE ); |
| 3584 |
|
sql+= " AND tx.uid=" + unsignedIntToString( uid ); |
| 3585 |
|
sql+= " OR tx.uid IS NULL "; |
| 3586 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ); |
| 3587 |
|
sql+= string( isModerator( sid, uid ) ? " OR 1" : " OR 0" ); //モデレータならOR 1,それ以外は OR 0 |
| 3588 |
|
sql+= ") "; |
| 3589 |
|
sql += criteria2str( c ); |
| 3590 |
|
|
| 3591 |
if( countResultRows( sql.c_str(), &count ) == RES_OK ){ |
if( countResultRows( sql.c_str(), &count ) == RES_OK ){ |
| 3592 |
dst = new itemid_t[ count ]; |
dst = new itemid_t[ count ]; |
| 3593 |
*iids = dst; |
*iids = dst; |
| 4472 |
* |
* |
| 4473 |
* @refer itemop_t |
* @refer itemop_t |
| 4474 |
* @param sid セッションID |
* @param sid セッションID |
| 4475 |
|
* @param iids チェック対象となるアイテムのID |
| 4476 |
|
* @param iidsLen iids配列の要素数 |
| 4477 |
|
* @param op アクセスの種類 |
| 4478 |
|
* @param iids_out アクセス可能なアイテムのID |
| 4479 |
|
* @param iidsLen_out iids_out配列の要素数 |
| 4480 |
|
* @return RES_OK 成功 |
| 4481 |
|
* |
| 4482 |
|
*/ |
| 4483 |
|
#if 0 |
| 4484 |
|
result_t getItemPermissions( sessionid_t sid, itemid_t* iids, int iidsLen, itemop_t op, itemid_t* iids_out, int* iidsLen_out ) |
| 4485 |
|
{ |
| 4486 |
|
string sql1; // sql for retrieve count |
| 4487 |
|
string sql2; // sql for retrieve item id |
| 4488 |
|
string sql; |
| 4489 |
|
itemid_t itemid; |
| 4490 |
|
userid_t uid; |
| 4491 |
|
string where; |
| 4492 |
|
itemid_t* dst = 0; |
| 4493 |
|
int count; //num of items permitted |
| 4494 |
|
|
| 4495 |
|
if( sessionID2UID( sid, &uid ) != RES_OK ) return RES_ERROR; |
| 4496 |
|
|
| 4497 |
|
if( op == item::OP_READ ){ |
| 4498 |
|
where = string( unsignedIntToString( iids[ 0 ] ) ); |
| 4499 |
|
for( int i = 1; i < iidsLen; i++ ){ |
| 4500 |
|
where = string( unsignedIntToString( iids[ i ] ) ) + ", " + where; |
| 4501 |
|
} |
| 4502 |
|
|
| 4503 |
|
sql1 = "SELECT count(DISTINCT tlink.item_id) ; |
| 4504 |
|
sql2 = "SELECT DISTINCT tlink.item_id ; |
| 4505 |
|
sql+= " FROM " + dbprefix + "_xnpaccount_index_item_link AS tlink"; |
| 4506 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_index AS tx ON tlink.index_id = tx.index_id"; |
| 4507 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_item_basic AS ti ON tlink.item_id = ti.item_id"; |
| 4508 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_groups_users_link as tgulink ON tx.gid=tgulink.gid"; |
| 4509 |
|
sql+= " LEFT JOIN " + dbprefix + "_xnpaccount_config AS tc ON tc.name=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_KEY "\" LEFT JOIN "; |
| 4510 |
|
sql+= dbprefix + "_xnpaccount_session AS tsess ON tsess.uid=" + unsignedIntToString( uid ); |
| 4511 |
|
sql+= " WHERE ( tc.value=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 4512 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NULL"; |
| 4513 |
|
sql+= " OR tc.value!=\"" XNP_CONFIG_PUBLIC_ITEM_TARGET_USER_ALL "\""; |
| 4514 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ) + " AND tsess.uid IS NOT NULL"; |
| 4515 |
|
sql+= " OR tgulink.uid=" + unsignedIntToString( uid ); |
| 4516 |
|
sql+= " OR tx.open_level=" + unsignedIntToString( index::OL_PRIVATE ); |
| 4517 |
|
sql+= " AND tx.uid=" + unsignedIntToString( uid ); |
| 4518 |
|
sql+= " OR " + string( isModerator( sid, uid ) ? "1" : "0" ); |
| 4519 |
|
sql+= " OR tx.uid IS NULL "; |
| 4520 |
|
sql+= " AND tx.open_level=" + unsignedIntToString( index::OL_PUBLIC ); |
| 4521 |
|
sql+= string( isModerator( sid, uid ) ? " OR 1" : " OR 0" ); //モデレータならOR 1,それ以外は OR 0 |
| 4522 |
|
sql+= ") AND tlink.item_id WHERE IN (" + where + ")"; |
| 4523 |
|
syslog_printf( "\nsql at %d=%s", __LINE__, sql.c_str() ); |
| 4524 |
|
if( queryGetUnsignedInt( "getItemPermission", sql1 + sql, (unsigned int*)&count ) == RES_OK ){ |
| 4525 |
|
dst = *iids_out = new itemid_t[ count ]; |
| 4526 |
|
if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) { |
| 4527 |
|
if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)( sql2 + sql ).c_str(), ( sql2 + sql ).length() ) ) == SQL_SUCCESS ){ |
| 4528 |
|
itemid_t iid; |
| 4529 |
|
SQLLEN len = 0; |
| 4530 |
|
SQLBindCol( hstmt, 1, SQL_C_ULONG, &iid, 0, &len ); |
| 4531 |
|
*iidsLen_out = 0; |
| 4532 |
|
for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < count ; i++ ){ |
| 4533 |
|
dst[ i ] = iid; |
| 4534 |
|
(*iidsLen_out)++; |
| 4535 |
|
} |
| 4536 |
|
} |
| 4537 |
|
} |
| 4538 |
|
} |
| 4539 |
|
}else if( op == item::OP_MODIFY || op == item::OP_DELETE ){ |
| 4540 |
|
//TODO 条件追加:todo自分のアイテムでも承認待ち状態なら編集・削除できない |
| 4541 |
|
sql = "SELECT item_id FROM " + dbprefix + "_xnpaccount_item_basic"; |
| 4542 |
|
sql += " WHERE uid=" + unsignedIntToString( uid ); |
| 4543 |
|
sql += " AND item_id=" + unsignedIntToString( iid ); |
| 4544 |
|
syslog_printf( "\nsql at %d=%s", __LINE__, sql.c_str() ); |
| 4545 |
|
if( queryGetUnsignedInt( "getItemPermission", sql, (unsigned int*)&itemid ) == RES_OK ){ |
| 4546 |
|
return itemid == iid; |
| 4547 |
|
} |
| 4548 |
|
} |
| 4549 |
|
return RES_ERROR; |
| 4550 |
|
} |
| 4551 |
|
#endif |
| 4552 |
|
|
| 4553 |
|
/** |
| 4554 |
|
* |
| 4555 |
|
* アイテムへのアクセス権限をチェックする |
| 4556 |
|
* |
| 4557 |
|
* @refer itemop_t |
| 4558 |
|
* @param sid セッションID |
| 4559 |
* @param iid チェック対象となるアイテムのID |
* @param iid チェック対象となるアイテムのID |
| 4560 |
* @param op アクセスの種類 |
* @param op アクセスの種類 |
| 4561 |
* @return true 権限あり |
* @return true 権限あり |
| 6798 |
if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED; |
if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED; |
| 6799 |
if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION; |
if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION; |
| 6800 |
|
|
|
int i = 0; |
|
| 6801 |
SQLHANDLE hstmt = NULL, hstmt2 = NULL; |
SQLHANDLE hstmt = NULL, hstmt2 = NULL; |
| 6802 |
result_t ret = RES_ERROR; |
result_t ret = RES_ERROR; |
| 6803 |
itemid_t* dst = 0; |
itemid_t* dst = 0; |