only admin users can call MN/CN.delete(). This is limited to any CN and only the MN that is calling itself
update the sysmeta data modified when setting archived=truehttps://redmine.dataone.org/issues/882
optionally remove the document/data file from the filesystem completely when 'deleting' it.https://redmine.dataone.org/issues/2677
newer d1 jars that include shared AuthUtilsmethod for isAuthorized() consistencyhttps://redmine.dataone.org/issues/2661
implement MN and CN.archive() method -- really just the existing delete() methods.https://redmine.dataone.org/issues/2674https://redmine.dataone.org/issues/2675
call MN.delete() for each replica when CN.delete() is calledhttps://redmine.dataone.org/issues/2676
defer to AuthUtils for flattening out the equivIdent subject list.https://redmine.dataone.org/issues/2661
check normal access control rules for getSystemMetadata before deferring to MN replica information that may grant MNs additional access to the SM.https://redmine.dataone.org/issues/2656
include Session-less interface methods and updated jars that define them.
remove extraneous pid and permission parameters from isAdminAuthorized() method and make public so that it can be called in other locations - namely before our asynchronous replicate() implementation on the MN.
check for empty null (missing) node.subjectList. This should probably be a required element in the D1 schema, but it appears not. (ORNL entry was missing subjects in cn-dev environment)
just use the e.getMessage() as e.getCause() may be null (seeing NPE when testing via the MN IT tester)
needed to initialize the nodeList that stores matching nodes (by subject) -- this was the source of a NPE when we had a matching node subject.
As Ben suggested, don't compare to the node list if there are no replicas listed. This reduces the number of calls to listNodes() on the CN.
Minor logging change in throwing ServiceFailure when Hazelcast throws a RuntimeException.
Modify getSystemMetadata() to allow nodes that are listed as replicas to access the system metadata. Use the Session.Subject to find a list of nodes from the CN that match the subject, and compare those node ids to the listed replica node ids. Add listNodesBySubject() helper method to do so.
add a parameter for optionally writing EML-embedded access control rules to the Metacat DB.https://redmine.dataone.org/issues/2584https://redmine.dataone.org/issues/2583
added comments and logging about https://redmine.dataone.org/issues/2572
generalize the exception handling because our actions are the same no matter what the specific error is during create - we just notify the CN that the replicate call failed
catch general Exception that may be thrown during MN.replicate() when creating the object locally. There are a few records that keep slipping off our radar with no explanation as to why they remain in "REQUESTED" status.
catch errors for each localid we are processing so that they do do prevent other ids from having ORE content generated
additional debug logging for tracking down MN replication errors
add comment about returning early when no system metadata can be found.removed extraneous check on the content type of the SM -- was unused.formatted indenting
for SystemMetadata events we first check the event for the SM value. If it returns null, we look it up from the shared map. It seems as if we don't always get a value with our events.
comment out: synchronize local system metadata on cn restart
synchronize local system metadata on cn restart
additional logging in MN.replicate()
double check "ecogrid" data urls for valid docid.rev - namely integer rev numbers - when parsing EML and also generating system metadata when necessary. Log the errors as warnings.
log calls to store() system metadata to the backing store
Add the listener for LifecycleEvent state changes
synchronizeLocalStore() when the cluster has a LifecycleEvent state change to RESUMED.
refactor memberAdded code to separate method - synchronizeLocalStore for possible reuse
change ordering of getLogRecords() parameter -- pidFilter is in the middle now
upgrade to latest RC in libclient and common jars -- includes updated getLogRecords and new mn.generateIdentifier method
-use MembershipListener to keep new members' backing store for system metadata synchronized with the shared system metadata map.-remove the unused InstanceListener interface
add logging statements when there is a problem calling setReplicationStatus
Add a few more debugging statements to HazelcastService for troubleshooting hazelcast map concurrency.
Use Jjava.util.Calendar rather than com.ibm ...
Also allow MNs to set the FAILED status in setReplicationStatus(). this was an oversight on my part, trying to keep MNs that truly did succeed from overriding the COMPLETED status with FAILED.
use current datetime (at system metadata generation) as the date last modified
Don't check for populated obsoletes and obsoletedBy fields during CN.create(), only MN.create(). The CN should expect that the MN has populated this field because of existing revision information, and should trust the MN information. Addresses https://redmine.dataone.org/issues/2507.
Some minor logging changes.
use isAdminAuthorized() to check access to CN.create(). Note this method takes a pid and permission parameter and neither is used. Also removed the NotFound exception because it would never come up.
check that caller is CN/admin for CN.delete()https://redmine.dataone.org/issues/2506
include CN.delete()https://redmine.dataone.org/issues/2506
Notify each replica MN when critical portions of system metadata change so the MN can pull the latest copy into its store. AccessPolicy and RightsHolder changes are the most critical for the MN to keep updated on.
Only allow CNs to call MN.synchronizationFailed() by calling isAdminAuthorized(). The pid must also be valid.
Modify CNodeService.setReplicationStatus() slightly to restrict MN-based calls to only set the status to COMPLETED. The CNs should be setting failures or invalidations, or the status can remain at QUEUED or REQUESTED, and the MNAuditTask can revisit those replicas as needed.
Add a notifyReplicaNodes() method that calls MNStorage.systemMetadataChanged() on MN replica nodes for a given object identifier. This will be called when there are changes to AccessPolicy and rights holder since these are critical access metadata for an MN, but they can only be changed on the CN.
Add some debugging statements in isAuthorized().
In setReplicationStatus(), first check for a replica target MN subject match with the session subject. If this fails, look to see if CN admin access is allowed. Otherwise throw NotAuthorized. Addresses https://redmine.dataone.org/issues/2494
check for session when checking administrative authorization
Remove individual calls to isAdminAuthorized() in favor of the centralized isAuthorized() call that handles it now.
Incorporate isAdminAuthorized() into isAuthorized() for blanket CN access to objects.
check for null Session before continuing with setReplicationStatus()https://redmine.dataone.org/issues/2476#note-3
do not replicate if session is null
throw not authorized when attempting to getReplica as an invalid/non-existent node
transitive properties for mapped subjects:-group membership-verified flaghttps://redmine.dataone.org/issues/2430https://redmine.dataone.org/issues/2432
check group membership defined at group level (in addition to membership defined as part of of the Person level)https://redmine.dataone.org/issues/2429
logging for permission checks - trying to nail down details of MN checking
use Event.CREATE.xmlValue() when converting "insert" to "create" http://redmine.dataone.org/issues/2471
add an alternative method for loading system metadata identifiers but leave it commented out. We may find that using the ObjectList method is too much overhead, but it will always be consistent with what metacat reports for listObjects().
add note about long-running load for shared system metadata map
translate "insert" events in Metacat as Event.CREATE events ("create") for DataONEhttps://redmine.dataone.org/issues/2461
log record paging:-use start and count parameters-if start+count exceeds the total number of records, then only return from start to the end of the list-if start exceeds total record count, start at the end of the list (will be empty list)https://redmine.dataone.org/issues/2458
catch additional NotFound exception for: "do not include log entries for documents that the caller is not allowed to read." https://redmine.dataone.org/issues/2444
do not include log entries for documents that the caller is not allowed to read. https://redmine.dataone.org/issues/2444
use revision provided in the docid when looking up guid. had been using latest revision which I think incorrectly reports on the log history.noticed this when looking at: https://redmine.dataone.org/issues/2444
A minor change to isAuthorized() - compare each Person in the SubjectInfo (not just the primary Subject) since each person could have an equivalent identity mapped to the primary Subject. Add debug logging for the comparison.
added debug logginghttps://redmine.dataone.org/issues/2429
check if verified flag is null before evaluating (NPE during MN Auth test)https://redmine.dataone.org/issues/2429
Globally change the property 'dataone.memberNodeId' to 'dataone.nodeId'. This is more useful for both MNs and CNs implemented in Metacat. Also, change D1NodeService.getLogRecords() to return log entries with the actual node id rather than the IP address (looks like a cut/paste error)....
throw InvalidToken when an invalid Permission is passed in. THis requires that internal calls to the method also check for this exception.https://redmine.dataone.org/issues/2388
do not allow blank node references to be used.https://redmine.dataone.org/issues/2362
only generate system metadata when the call comes from the legacy Metacat API, not the D1 API.https://redmine.dataone.org/issues/2362 (I think this was the culprit)
Get ReplicationPolicy correctly generated:-tweak the regular expression for getting the pref/blocked node list for default replication policy.-set blocked list (had mistakenly been two calls to set pref list)
actually, let's set the serialVersion during the MN.create() call so that the HZ map and the backing store have the same information immediately. Also, this is how the docs specify it.http://mule1.dataone.org/ArchitectureDocs-current/design/SystemMetadata.html
remove ID mapping when a create()/"insert" call fails so that subsequent calls do not return an IdentifierNotUnique error. In this case it was due to invalid XML.https://redmine.dataone.org/issues/2341
use RC-3 DataONE jars and fix compilation error that arose. https://redmine.dataone.org/issues/2351
CNodeService.listChecksumAlgorithms() was returning null rather than the list. Fixed.
Update D1NodeService to reflect new ObjectFormatCache signature.
1. lookup and use the guid when processing obsoletes/obsoletedBy entries -- had previously been assuming localId==guid but now that we have introduced DOIs as part of the Metacat upgrade process, we may have DOIs for the guid that map to localIds.2. base ORE guids on the localid of the data package they are describing and not on their DOI -- otherwise we might mash up the DOI prefix (or other id scheme that we are unaware of). By using resourceMapPreix + localId we are sure to have a valid localid and guid for the ORE map we create and add to the system
use updated authorization policies as discussed in:https://redmine.dataone.org/issues/2277andhttp://epad.dataone.org/20120131-authn-authz-questions
remove createAndInsertSystemMetadat() method that acts on a single localId -- incorporated this into the localId-list-based method.
refactor IdentityManager.createSystemMetadata(sm) to be insertSystemMetadata(sm) so that it is clear that this method inserts the SM object into the backing store. This differentiates it from the "generation" methods we use when we need to create SM about pre-existing objects or objects we get from non-D1 api calls.
generate SystemMetadata during D1 registration (not 2.0.0 upgrade). This process runs in a thread and updates a metacat.properties value when it is complete.
match changes to MN service methods (return type as boolean)
Added new methods to generate a default replication policy based on properties from the metacat configuration. This is called during system metadata creation for objects that lack any system metadata.
Clean up warnings in class.
handle "BIN" objects so as to avoid repeated calls to lookup the non-existent ObjectFormat
catch cases where the previous/next revision of objects have not had system metadata generated yet
create system metadata object if it wasn't found in HZ
multithreaded implementation for processing docids for system metadata generation.need to investigate ant/junit running that deadlocks hazelcast (config?)
additional logging of the config file being used - seem to have thread locking on the xmlConfig use when running under ant/junit
calculate object size using the size on the file system rather than re-reading as an input stream.Now only EML document bytes will be read twice: once for the checksum and again for parsing out datapackage details
system metadata generation optionally skips entries that have already been generated (data size, checksum) but allows the latest EML that describes them to have the last word on object format
remove DML for parsing -- the D1 EML parser still uses DOM, so this may not be too big of a perfromance improvement
fix a bug in MNodeService.replicate() where the checksum value was being compared to the computed checksum object, not its value.
use UTC serialization for log entries so that the timestamp, not just the date, is preservedhttps://redmine.dataone.org/issues/2257