Project

General

Profile

Bug #2984

"AccessControlList.getACL" returns outdated XML structure

Added by Chris Barteau almost 12 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Category:
metacat
Target version:
Start date:
10/15/2007
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
2984

Description

The "MetCatServlet.handleGetAccessControlAction" calls another method "AccessControlList.getACL". The resulting XML does not seem to follow the structure defined the the XmlSchema of eml-access.xsd.

eMail from Matt regarding this:

It appears that Metacat is still generating the old beta6 version of EML
using that method, rather than following the EML 2.0.1 specification. I
do not think any software relies on this behavior, although we should
check to see if Morpho does -- that would be the only one I think. If
not, we should fix it to produce EML 2.0.1, but do so by changing the
method signature to allow clients to specify which version they want.
For example:

public Reader getACL(String docid, String namespace) throws
NamespaceNotSupportedException;

The exception would be thrown when Metacat doesn't know how to generate
a particular ACL syntax. One reason I would want this is that there is
increasing use of SAML for ACL docs, and it would be a good thing to
have Metacat support ACL statements in SAML format as well as
eml-access. It would also allow us to support future eml versions.


Related issues

Blocks Metacat - Bug #3000: Multiple Permissions Orders exist for Single DocumentClosed11/08/2007

History

#1 Updated by Chris Barteau almost 12 years ago

Sample struct (attrib order defaults to "allowFirst"):


<access xmlns="eml://ecoinformatics.org/access-2.0.1">
<allow>
<principal>public</principal>
<principal>fred</principal>
<permission>read</permission>
</allow>
<deny>
<principal>public</principal>
<principal>fred</principal>
<permission>write</permission>
</deny>
</access>

NOTE: "AccessControlForSingleFile" inserts the following 5 fields in xml_access via the "insertPermissions" method (called from "MetacatServlet.handleSetAccessAction"), others are null:
docid, principal_name, permission, perm_type, perm_order

NOTE2: A good candidate for the "NamespaceNotSupportedException" would be a subclass of org.w3c.dom.DOMException, with the constructor using the parent's INVALID_ACCESS_ERR code, and message set to something like "Namespace is not supported".

NOTE3: This bug is blocked by bug #3000.

#2 Updated by Redmine Admin over 6 years ago

Original Bugzilla ID was 2984

#3 Updated by ben leinfelder over 6 years ago

  • Status changed from New to Closed

This has been reworked so that access rules can be parsed just like they were embedded in EML.

Also available in: Atom PDF