Revize 1e46def4
Přidáno uživatelem Tomáš Šimandl před více než 6 roky(ů)
| sources/src/main/java/cz/zcu/kiv/offscreen/servlets/LoadGraphData.java | ||
|---|---|---|
| 60 | 60 |
} |
| 61 | 61 |
|
| 62 | 62 |
} else {
|
| 63 |
// TODO check user permissions to this graph |
|
| 64 | 63 |
Integer diagramId = Integer.parseInt(diagram_id); |
| 65 | 64 |
|
| 66 | 65 |
DB db = new DB(getServletContext()); |
| 67 | 66 |
Diagram diagram = new Diagram(db, diagramId); |
| 67 |
|
|
| 68 |
if(!diagram.isPublic()){
|
|
| 69 |
|
|
| 70 |
Integer loggedUserId = (Integer) request.getSession().getAttribute("logged_user_id");
|
|
| 71 |
if(loggedUserId == null || diagram.getUserId() != loggedUserId) {
|
|
| 72 |
response.getWriter().write("");
|
|
| 73 |
return; |
|
| 74 |
} |
|
| 75 |
} |
|
| 76 |
|
|
| 68 | 77 |
response.getWriter().write(diagram.getJsonDiagram()); |
| 69 | 78 |
} |
| 70 | 79 |
|
| sources/src/main/java/cz/zcu/kiv/offscreen/user/Diagram.java | ||
|---|---|---|
| 50 | 50 |
return -1; |
| 51 | 51 |
} |
| 52 | 52 |
|
| 53 |
public boolean isPublic(){
|
|
| 54 |
if(this.id < 0) return false; |
|
| 55 |
|
|
| 56 |
String qy = "SELECT public FROM diagram WHERE id = '" + this.id + "'"; |
|
| 57 |
ResultSet rs = db.exQuery(qy); |
|
| 58 |
|
|
| 59 |
try{
|
|
| 60 |
if (rs != null && rs.next()) {
|
|
| 61 |
return rs.getString("public").equals("1");
|
|
| 62 |
} |
|
| 63 |
} catch (SQLException e){
|
|
| 64 |
e.printStackTrace(); |
|
| 65 |
} |
|
| 66 |
return false; |
|
| 67 |
} |
|
| 68 |
|
|
| 53 | 69 |
public String getJsonDiagram(){
|
| 54 | 70 |
if(this.id < 0) return ""; |
| 55 | 71 |
|
Také k dispozici: Unified diff
LoadGraphData user permission check