Bug #3464
closedReplicate access rules in replication
0%
Description
Currently, metacat doesn't replicate access rules in xml_access table.
For eml documents, it wouldn't be a problem since eml itself has the access rules. However, for none-eml documents, it can be problem:
A host was inserted a FGDC document and user uses setAccess API to make this public readable. So in host A, the document is public readable. However, in host B, which got the replicated copy, the document is not public readable since the document itself doesn't have the access rules and both timed and force replication doesn't replicate access rules.
Here is the plan:
1. setAccess method will be added into the listener of force replication action.
2. Timed replication will replicate xml_access table as well.
Updated by Matt Jones over 16 years ago
This is a problem for EML documents as well, especially if someone changes the access rules using setAccess and then replicaiton doesn't respect that. Also, it seems that all of the different replication methods should be replicating these rules.
Updated by ben leinfelder about 16 years ago
committed replication changes:
-document access rules will be replicated
-data access rules will be replicated
-setting access via the metacat servlet (action=setaccess) will result in a forced replication for that docid (data or xml)
now i need to test it!
Updated by ben leinfelder about 16 years ago
set up replication between my two local metacats. tested:
-forced replication of document due to access control change
-forced replication because of document update
also: duplicate access control rules will not be persisted in the xml_access table
Updated by ben leinfelder about 16 years ago
Mike has run through testing scenarios for ACL replication with no hiccups.
Closing this bug.