From 55b0d951675383f1973c334608c9d6b9e04b9b04 Mon Sep 17 00:00:00 2001 From: Ugnich Anton Date: Sun, 11 Nov 2012 14:58:24 +0700 Subject: hasAccessToMessage --- src/com/juick/server/MessagesQueries.java | 154 +++++++++++++++++------------- 1 file changed, 89 insertions(+), 65 deletions(-) (limited to 'src/com/juick/server') diff --git a/src/com/juick/server/MessagesQueries.java b/src/com/juick/server/MessagesQueries.java index 7b4b800d..90c90ceb 100644 --- a/src/com/juick/server/MessagesQueries.java +++ b/src/com/juick/server/MessagesQueries.java @@ -28,12 +28,12 @@ import java.util.ArrayList; * @author Ugnich Anton */ public class MessagesQueries { - + public static boolean canViewThread(Connection sql, int mid, int uid) { - + int privacy = 0; int owner_uid = 0; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -49,13 +49,37 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - - return privacy >= 0 || (privacy == -1 && uid > 0 && UserQueries.isInWL(sql, owner_uid, uid)) || (privacy == -2 && uid == owner_uid); + + return privacy >= 0 + || (privacy == -1 && uid > 0 && UserQueries.isInWL(sql, owner_uid, uid)) + || (privacy == -2 && (uid == owner_uid || hasAccessToMessage(sql, mid, uid))); } - + + public static boolean hasAccessToMessage(Connection sql, int mid, int uid) { + boolean ret = false; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT 1 FROM messages_access WHERE message_id=? AND user_id=?"); + stmt.setInt(1, mid); + stmt.setInt(2, uid); + rs = stmt.executeQuery(); + if (rs.first()) { + ret = rs.getInt(1) == 1; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return ret; + } + public static boolean isReadOnly(Connection sql, int mid) { boolean ret = false; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -72,10 +96,10 @@ public class MessagesQueries { } return ret; } - + public static boolean isSubscribed(Connection sql, int uid, int mid) { boolean ret = false; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -93,10 +117,10 @@ public class MessagesQueries { } return ret; } - + public static com.juick.Message getMessage(Connection sql, int mid) { com.juick.Message msg = null; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -129,11 +153,11 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + if (msg == null) { return null; } - + try { stmt = sql.prepareStatement("SELECT tags,repliesby,txt FROM messages_txt WHERE message_id=?"); stmt.setInt(1, mid); @@ -150,13 +174,13 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return msg; } - + public static com.juick.Message getReply(Connection sql, int mid, int rid) { com.juick.Message msg = null; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -181,13 +205,13 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return msg; } - + public static com.juick.User getMessageAuthor(Connection sql, int mid) { com.juick.User user = null; - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -206,10 +230,10 @@ public class MessagesQueries { } return user; } - + public static ArrayList getMessageRecommendations(Connection sql, int mid) { ArrayList users = new ArrayList(); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -225,13 +249,13 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return users; } - + public static ArrayList getAll(Connection sql, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -253,10 +277,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getTag(Connection sql, int tid, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -280,7 +304,7 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getMyFeed(Connection sql, int uid, int before) { ArrayList mids = new ArrayList(20); PreparedStatement stmt = null; @@ -310,10 +334,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getPrivate(Connection sql, int uid, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -340,10 +364,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getDiscussions(Connection sql, int uid, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -365,13 +389,13 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return mids; } - + public static ArrayList getRecommended(Connection sql, int uid, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -393,14 +417,14 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - - + + return mids; } - + public static ArrayList getPopular(Connection sql, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -422,10 +446,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getPhotos(Connection sql, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -447,10 +471,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getSearch(Connection sql, Connection sqlSearch, String search, int before) { ArrayList mids0 = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -472,7 +496,7 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + ArrayList mids = new ArrayList(20); if (mids0.size() > 0) { try { @@ -488,13 +512,13 @@ public class MessagesQueries { Utils.finishSQL(rs, stmt); } } - + return mids; } - + public static ArrayList getUserBlog(Connection sql, int UID, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -518,10 +542,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getUserTag(Connection sql, int UID, int TID, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -547,10 +571,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getUserRecommendations(Connection sql, int UID, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -574,10 +598,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getUserPhotos(Connection sql, int UID, int before) { ArrayList mids = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -601,10 +625,10 @@ public class MessagesQueries { } return mids; } - + public static ArrayList getUserSearch(Connection sql, Connection sqlSearch, int UID, String search, int before) { ArrayList mids0 = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -628,7 +652,7 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + ArrayList mids = new ArrayList(20); if (mids0.size() > 0) { try { @@ -644,13 +668,13 @@ public class MessagesQueries { Utils.finishSQL(rs, stmt); } } - + return mids; } - + public static ArrayList getMessages(Connection sql, ArrayList mids) { ArrayList msgs = new ArrayList(20); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -660,7 +684,7 @@ public class MessagesQueries { while (rs.next()) { com.juick.Message msg = new com.juick.Message(); msg.User = new com.juick.User(); - + msg.MID = rs.getInt(1); msg.User.UID = rs.getInt(2); msg.User.UName = rs.getString(3); @@ -682,7 +706,7 @@ public class MessagesQueries { msg.Place.lat = rs.getDouble(15); msg.Place.lon = rs.getDouble(16); } - + msgs.add(msg); } } catch (SQLException e) { @@ -690,13 +714,13 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return msgs; } - + public static ArrayList getReplies(Connection sql, int mid) { ArrayList replies = new ArrayList(); - + PreparedStatement stmt = null; ResultSet rs = null; try { @@ -716,7 +740,7 @@ public class MessagesQueries { msg.TimeAgo = rs.getInt(6); msg.TimestampString = rs.getString(7); msg.AttachmentType = rs.getString(8); - + replies.add(msg); } } catch (SQLException e) { @@ -724,7 +748,7 @@ public class MessagesQueries { } finally { Utils.finishSQL(rs, stmt); } - + return replies; } } -- cgit v1.2.3