The method - hasAllowRule was revised. If a action -read or update was approved, all ticket count of allow rule entries for this action will minus one if the entries have ticket count number (not null).
The two hasPermission methods were rewritten. Some logic bugs were fixed. Now user, public and group will not be checked speratedly, but they will be check together as string array. In order to do this, private methods isAccessDocument, containDocumentOwner, isAllowFirst, hasAllowRule, hasExplicitDenyRule, hasImplicitDenyRule, and createUsersPackage were added.
In method transformXMLDocument, if no style sheet registered was found for the input document, the document will be send back, rather than use util.DebugMessge to print.
Only delete some incorrect comment.
When user request a data package, the old version documents would be exported. Only export the request one.
During the export function. Every document will be check if the user has the permission to read or not.
The feature of check permission before Metacat handle a "read" action. If user doesn't have permission, its request will be rejected.After creating a DocumentImpl object. A method named hasReadPermission in that class will be called to make sure the user has permission to read it.
A method named hasReadPermission was added. The method will check if a user has permission toread a xml document.
A new method named hasPermissionToExportPackage was added. So when MetaCat handle export action, it will check if user has permission to read the data package. If it has, MetaCat will export a zip output stream to it. Otherwise, MetaCat will be through a exception.
Code to handle "read" permission was changed in hasPermission method. The old code used old way to look up the public_access field in xml_documents table.
A new action named export was add to it. This action will export a zip output stream for a data package. In the zip output stream, meta data documents, data files and a html summary file are include. The stucture will looks like:package----/metadata/metadata docments...
Two metacat util methods were add. One is getDocIdFromString and the other is getVersionFromString. They output a docid and revision if a string like str1.str2.str3. were passed to them.
A method named transformXmlDocument were overload. It transform an XML document to StringWriter using the stylesheet reference from the db.
A public method named getZippedPackage() and other relative private methods were add to this class. The public method can give a zip output stream if a docid and other parameters were passed to it.
Some code format problem was fixed.
The bug was fixed.After a referral exception happend, we should set enviroment properties again before creating a contex. These environment properties include PROVIDER_URL, SECURITY_PRINCIPLE, SECURITY_CREDENTIALS, REFERRAL, and INITIAL_CONTEXT_FACOTRY. Otherwise, you couldn't get a naming exception.
Authentication bug was fixed (bug 408).However, it needs to test if referral cotaining a referral.
Please check it.
In order to fix bug 408 (authentication), some important variables' valueswere followed.
Set the qformat parameter so the stylesheets can use it for conditionalprocessing.
fixed error I introduced when I got postgres working
updated metacat so that the xmlparserv2.jar file is no longer needed. replaced all of teh oracle xml processing with xalan and xerces.
made a ton of changes related to keeping oracle SQL code out of the main classes. fixed a bug where the timing of the index thread was off so when it went to index a document, the document was not already in xml_documents thus breaking the FK relation between xml_documents and xml_index. I think that bug might be the reason for the blank resultset screens in morpho. made the postgres implementation much more robust.
removed because this is no longer used. it was causing a compile error when using postgres because it directly imports the oracle driver.
fixed bug with ampersands in the returned relations in the resultset.
added a manual timeout to counteract the hideously long ldap time out that is encountered when a referred ldap server is down.
updated the referral mechanism so that metacat doesn't crash when a referral server is not available
made it so we can now use multiple accessfilestypes and packagdfiletypes in the metacat.properties file. Also fixed a bug introduced when the 'http://' was removed from behind the server name in the loaddtd.sql script and the knb.xml file
Fixed the getUsers() and getPrincipals() methods so that they no longerfail when large result sets are requested. The problem was that theLDAP server was returning a "size limit exceeded" message when the resultsetfrom the query exceeded the default limit of 500 entries. Now we...
Re-enabled referrals which I had turned off for debugging purposes.
Modified AuthLdap to fix the may problems associated with group and userqueries. Now the getGroups() and getUsers() methods work as advertised,and there is a test of each of the methods in "main" for testing purposes.Simplified the class substantially. Fixed the getAttributes method as...
fixed error where person with 'all' permission could not update the access file.
fixed referral catching mechanism in authLdap.ldapAuthenticate() so that it will refer through a bunch of linked servers instead of just one....I still haven't figured out why the getGroups method wont work.
fixed the error where the ldap authenticate took 15 seconds to execute
I think i have fixed the ldap referral bug. the test lter account that david made for me works, however I would like matt or someone more knowedgeable with ldap to please check my code. the changes I made are around line 200 of AuthLdap. I put a comment in the source where the code needs to be checked.
Fix for bug #309 so that Metacat will now follow LDAP referrals. Previouslythe default was to ignore referrals. Now we explictly set the JNDIContext.REFERRAL value to the value in the metacat.propert "referral".The metacat.properties file has been modified to add the "referral" property,...
added new permission 'changepermission' and made 'all' inclusive for all permissions
fixed access control bug. the character data in the sax parser was not getting trimmed and causing problems. also fixed hard coded eml-dataset public id in the web index file
Updated metacat login semantics. Now, metacat assumes the username passedin is the 'full' distinguished name of the user. If that fails, theninstead it tries looking up the string and seeing if it can determinewhat the DN is, then uses it. The preferred method of logging in via...
Fixed the function to return the max id for a given scope. Now the functiontakes a parameter named 'scope' and returns the largest docid that has beenused under that scope in this metacat instance (it used to return the mostrecently created docid, which is clearly different). For compatibility with...
fixed bug where the whole filename of a data file was not appended to the file input stream so metacat just returned a null document
Fixed problem with metacat handleReadAction where the OutputStream from theresponse object was closed and an attempt to reopen a PrintWriter was madeon the same response, which is illegal. Now the OutputStream is convertedto a PrintWriter in order to write the XML error message back to the client....
fixed to get groupnames for a user using any identifying name
for action=servercontrol&subaction=addadded function for downloading of the certificate filefrom the specified URL of the source serverand uploading it onto this server
changes in replication to use https
fix around one way replication:when server A sends document to the servers in its list of replication servers with replicate=1 in xml_replication table,the server B received the document does NOT need the opposite check on its end.
fixed error:writing on the replication server required the whole acc# (including the rev#)
Fixed bug in metacat where an Exception was thrown when a search returnedan empty resultset. Now we avoid the function call that threw the exeption.
Added support for multiple user interfaces by enabling style sheettransformations to be configured from within metacat rather thanfrom in the database. Now, metacat uses the qformat parameter to determinea "style set", which is mapped to an xml configuration file that...
small fix to enable resolving external entities included in the DTD;external entities are now resolved successfully by DBEntityResolver using the specified system idsand thus there no need of registering the relative system ids,This is because EntityResolver uses its internal implementation to map the relative system ids to the...
Removed the requirement that the relationship for ACL associations be"isRelatedTo". Now the relationship in the triple can be anything, like"describes access control rules for". This doesn't affect the ACLprocessing because it is based on the ACL document type, not the...
changes to store namespace prefixes separately from the local names of nodes (elements and attributes)in xml_nodes.nodeprefix column
Revised build.xml and metacat.properties to make it easier toinstall alternative stylesheets for metacat. In the process,replaced the deprecated copydir and copyfile commands in build.xmlwith appropriate "copy" commands.
added support for Namespaces.Metacat now can store and retrieve XML documents with Namespaces.Namespace is stored as separate record in xml_nodes table with type "NAMESPACE" where nodename is the prefix and nodedata is the uri of the namespace.
fixed an error of NullPointerException
- when the Access file goes first before the Package file (eml-dataset-2.0)relations are not available in xml_relation, thus updated the codeto check and run ACL also after the Package file is saved.- cut out the rev# from subject and object in xml_relation as needed by ACL...
fixed error with out of cursors error because pstmts were not getting closed in DBQuery
look for relationship "isRelatedTo" b' that is the word that is used in the triples
fixed the compilation bug about the change of group parameter in DocumentImpl.write()
added support for multiple group membership
Changed the constructors so that the nodeRecordList is automaticallyretrieved by the DocumentImpl(Connection,String) constructor. thisrestores its earlier behavior, but the implementation is totallydone by DocumentImpl(Connection,String,boolean).
Added fix to DocumentImpl that showed problems when the DocumentImpl(conn)constructor was called. Now there is a new constructor: DocumentImpl(Connection, String, boolean)where the boolean value is used to determine if the nodeset should beread a t the time the cosntructor is called. if false, then...
Completely removed the socket-server feature that used to providefile upload. It is now replaced by multipart/form-data over http.
Modified Metacat to support large data file uploads. This is accomplishedby supporting a new content type for data sent to metacat: multipart/form-datawhich allows multiple files to be sent in a standard MIME format. TheMetacatServlet.handleGetOrPost() method now checks the incoming content...
Simplified ReplicationHandler:It is run now in the same thread started from DBSAXHandler;thus the same connection opened in that thread is used,i.e. no need for new connection and no complains as "Connection is closed" in ReplicationHandler;"Connection is closed" error happens when in the current thread there are try to use connection opened in another thread,...
support for the new terms included in pathquery.dtd
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=248Included utility function about gettig the latest docid for a user:DBUtil.getLastDocid(username).Metacat parameters:action='getlastdocid'username
don't need to override the old meta_file_id tags with docid without revsince Morpho inserts docids before sending the docs to Metacat
added constructor in DocumentImpl for use in DBQuery.findDocuments();this new constructor is used with getDocumentInfo() to get the doc info only;because the other constructor builds the whole xml doc which is not needed here and time consuming;this happens on backtracking only.
fixed bug - hardcoded LDAP URL
made use of the new property for ldaps url;it is used for secure connection to LDAP server listening on second port 636 by default with SSL sockets;it is used from Metacat for the authetication process only;all the rest communications with LDAP server are made on the default port 389 with plain sockets
moved delete from xml_relation before delete from xml_documentsbecause of the parent-child relation b/w these 2 tables
fixed error with exception handling in metacat servlet and added new dtds to the sql script
changes according to bug# 234 - metacat accession # handling, done
changed all mentions of DBAdapter to the new name AbstractDatabase
rename the DB* classes to:AbstractDatabaseOracleAdapterPostgresqlAdapterSqlserverAdapter
use the non-null function name from db adapter
included new function that returns db specific non-null function name
excluded revisionid from the insert statement for xml_revisions.It is identity column for SQL Server or filled by sequence for db as Oracle or Postgres
changed like with =
changed ... WHERE ... LIKE ? ...to ... WHERE ... = ? ...
MS SQL Server stores trailing spaces in varchar fields which shouldn't bethus added docid.trim() in the Java code
the ODBC multi-threading problem:in DBQuery we open ResultSet in the db connection and we are trying toopen another Resultset by AccessControlList which does not workthus open separate connection for use by AccessControlList.
changedSELECT ... WHERE LIKE ? ...to:SELECT ... WHERE = ? ...
It should be changed everywhere it is found
seems that there are problem in JDBC-ODBC bridge used with SQL Serverwhen using sql statements like:SELECT ...WHERE LIKE ? ...changed to:SELECT ...WHERE = ? ...and now it works
commented out the use of oracle.jdbc.driverthis was harcoded use for batching the sql calls at once in order to speed up the insert of XML Index
Changed the order of generating and getting Unique ID forxml_nodes.nodeid and for uniqueid part of the accession#because of SQl Server capabilities:first let the db to generate unique id on insert (by db trigger and sequence or by IDENTITY key),then get that unique id for further use by the application....
- new db adapter for MS SQL Server- changed the getUniqueID(conn, tableName) to return the last generated by the db unique IDinstead of generating unique ID first by the appl and then supplied to the insert,because SQL Server doesn't have capabilitiesunique ID to be generated on the client and then supplied to the insert.
change the call from getDateFunction() to getDateTimeFunction()
changed the getDate method to getDateTime and changed the returnstring in the postgresql implementation to "now()" from now()::date
change the call from getDateString() to getDateFunction()
change the method name getDateString() to getDateFunction()return "now()::date" in the DBPostgresql implementation of that method
The Postgres implementation of the dbadapter package, still needs testing andthe getDate... method just returns the db function to return the date; to retreive thecurrent time is a second function so we may want to add a second method to return thecurrent time.
- changed to use the DBAdapter uniform interface for all apperance of "sysdate" and uniqueid generation from sequenceMetaCatUtil:- reads from metacat.properties the dbadapter class implemented the interfaceand creates an instance of that class (in static public variable named dbAdapter) for use....
the abstract DBAdapter class and its Oracle implementationfor the new dbadapter package
Fixed bug in metacat where return doctypes were not being properlyback traced. Changed DBQuery.findDocuments() so that it no longertakes a returndoc array, but instead retrieves the returndoc arrayfromthe QUERYSpecification. The QuerySpecification was augmented...
Added ability to process multiple "returndoc" elements ina pathquery document. Now, any query hit will be back traced to anassociated package if that package is listed in one of the"returndoctype" elements.
Modifications that change the package handling behavior of metacat. Packagemembership is now determined by an identifier being used as either the subjector object in a triple. One can not request arbitrary returndocs -- onlythose types that have package information embedded can be "returndoctype"...
fix in the return of the last revisionid on UPDATE instead of the previous one