public class ForumFactoryProxy extends ForumFactory { ...... public Forum createForum(String name, String description); throws UnauthorizedException, ForumAlreadyExistsException { if (permissions.get(ForumPermissions.SYSTEM_ADMIN);); { Forum newForum = factory.createForum(name, description);; return new ForumProxy(newForum, authorization, permissions);; }else { throw new UnauthorizedException();; } } ...... }
if (permissions.get(ForumPermissions.SYSTEM_ADMIN);); { //~~~~~~~~~ }else { throw new UnauthorizedException();; }
dbforumFactory.getPermissions(Authorization authorizaton); { return permissionsManager.getFinalUserPerms(-1, userID);; }
permissionsManager.getFinalUserPerms(-1, userID);;中,应该查询到数据库层,来对用户的权限进行进一步的处理!
UserPerm ( forumID userID userType permission );; Userid(userType ,userID ); 两个表是多对多关系
StringBuffer sql = new StringBuffer( "SELECT DISTINCT permission FROM bisUserPerm WHERE " );; if (forumID == -1); { sql.append("forumID IS NULL AND ");; } else { sql.append("forumID=");.append(forumID);.append(" AND ");; } if (userID == -1); { sql.append("userID IS NULL and userType=");; sql.append(BisGlobals.ANONYMOUS);; } else if (userID == 0); { sql.append("userID IS NULL AND userType=");; sql.append(BisGlobals.REGISTERED_USERS);; } else { sql.append("userID=");.append(userID);.append(" AND userType=");; sql.append(BisGlobals.USER);; } ResultSet rs = stmt.executeQuery(sql.toString(););; while(rs.next();); { int newPerm = rs.getInt(1);; //!!!~~~~~ permissions[newPerm] = true; } } return new ForumPermissions(permissions);;
permissions.get(ForumPermissions.SYSTEM_ADMIN););{ if (type < 0 || type > 8); { return false; } return values[type]; }
0票
开心
0票
板砖
0票
感动
0票
有用
0票
疑问
0票
难过
0票
无聊
0票
震惊
顶
踩