Project

General

Profile

Actions

Bug #2748

closed

MetaCatServlet.handleUploadAction() can cause data file deletion in the data store

Added by Chris Jones almost 18 years ago. Updated almost 18 years ago.

Status:
Resolved
Priority:
Immediate
Assignee:
Category:
metacat
Target version:
Start date:
01/25/2007
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
2748

Description

During the upload of data documents to Metacat 1.6.x, data documents that have been previously uploaded can be deleted from Metacat's file storage area when the same file is uploaded on a second attempt. In MetaCatServlet.handleUploadAction(), DocumentImpl.registerDocument() is called after the data file has been created in the filesystem. If for some reason registerDocument() throws an exception (for instance if the docid and revision is already taken), then the data file is deleted, regardless of whether or not it happened in a previous transaction.

This can be critical since an entire Metcat data store could be deleted by calling action=upload on the existing data docids residing in the catalog. The existence of the data files remains registered in the catalog tables, but the file will be physically gone from the data store.

Actions #1

Updated by Jing Tao almost 18 years ago

The reason we added this delete function was: we wanted to intergarte registering data file into db and saving data file into file system as atomic process - if this data file couldn't be registered into xml_document table, we wouldn't keep it in the data file system. Otherwise, this data file couldn't be accessble (data file is in file system, but no record in xml_documents table). But we didn't think about the side-effect. So we should remove this function.

Actions #2

Updated by Chris Jones almost 18 years ago

As a fix to http://bugzilla.ecoinformatics.org/show_bug.cgi?id=2748, I'm applying
the patch sent to me from Mike Frenock when he reported this bug.

This patch changes MetaCatServlet.handleUploadAction() by first setting
a boolean flag on whether the file to be uploaded exists already. If it
doesn't exist, the transaction continues, uploading and registering the
data file. In the event of an Exception during the registration, the file
will be deleted, since the file's existence is not recorded in the database.

Actions #3

Updated by Redmine Admin over 11 years ago

Original Bugzilla ID was 2748

Actions

Also available in: Atom PDF