isAuthorized: check for nulls in Session subjects, catch any unexpected errors and deny access when in doubt
remove CrudService calls in favor of MNodeService
Remove setParamsFromRequest() from D1NodeService. This was called (previously as CrudService) from ResourceHandler, but will be deprecated in favor of manually creating a param map for each method that needs to pass params on to MetacatHandler.
Implement [MN|CN]Storage.create() in D1NodeService. Since MetacatHandler requires an IP for event logging, we pass in the metacat URL (hold over from CrudService). To do this in the abstract D1NodeService, change the constructors to take metacatUrl as a parameter and get the URL from the metacat properties file in getInstance() of the subclasses. Needs testing.
include URL in resolve() method as well as placeholder for preference
Metacat does not implement CNRegister
Implement CNRead.synchronizationFailed() in MNodeService. Note: The CN URL is not yet available in the SynchronizationFailed exception, but will be once the d1_common_java exception is updated. See https://redmine.dataone.org/issues/1656. Once updated, change this method to explicitly state the CN URL making the call.
Change Metacathandler.read() to be public since it's internal to Metacat, and use read() in D1NodeService after isAuthorized() for the calling Subject from the Session object.
add missing comma in xml_replication insert
Implement MNRead.listObjects() in MNodeService.
Implement MNRead.describe() in MNodeService.
Implement MNRead.getChecksum() in MNodeService.
Minor formatting changes - tabs to spaces, indents, etc.
Implement [MN|CN]Read.get() in D1NodeService. Added setParamsFromRequest() to pass through parameters from the request object. Since the D1 Authorization API doesn't specify which authentication system a subject belongs to, we don't know if the subject listed is a KNB LDAP DN. isAuthorized() may return true for a mapped identity, but we don't know the DN of the KNB identity per se. This needs to be tested.
-use every Subject in the session (alt Ids and Group membership)-consolidate to single isAuthorized method
throw exception for unimplemented methods
implement resolve() method
implement assertRelation
implement CNReplication.setReplicationStatus() but with a note about selecting which replica's status should be set (right now it is all)
implement CNReplication.setReplicationPolicy
correction: implementation is CN-specific
implement getChecksum() in the superclass
implement getChecksum (retrieves from system metadata)
use shared get() method from superclass
use shared getLogRecords method
Remove isAuthorized(), setAccessPolicy(), and getLogRecords() methods since they're implemented in the superclass.
use Permission, not Event for isAuthorized() methods
merge changes from 1.9.5 branch for upgrade process (1.9.3->1.9.4->1.9.5)
do not delete the access rules when we "archive" the document on "delete" (commented out for now)
allow reading from xml_revision table when we are the doc owner
CNCoreImpl is replaced by CNodeService
implement CNAuthorization
Metacat does not implement CNIdentity - it is a stand-alone service
implement registerSystemMetadata
implement object format methods - using a separate class to do the actual metacat lookup/caching so that teh CN implementation looks cleaner
implement getLogRecords
include latest D1 common/lib changes
Initial check in of the MNodeService stub methods that implement the D1 MN* interfaces. CrudService methods will be transitioned into this class. The methods follow the D1 0.6.2 API thus far.
Also changed CNodeService to reflect minor changes to the D1NodeService class.
Add a static getInstance() method to CNodeService and make CNodeService a singleton.
Initial check in of the CNodeService stub methods that implement the D1 CN* interfaces. CNCoreImpl methods will be transitioned into this class. The methods follow the D1 0.6.2 API thus far.
CNAuthorization.isAuthorized() and MNAuthorization.isAuthorized() differ. Removed it from the base class.
getChecksum() is intentionally different on the CN vs MN, so I'm removing it as a common method.
Initial check in of the D1NodeService class that provides methods common to both CNodeService and MNodeService implementation classes. The common API methods are:
Methods common to CNCore and MNCore APIsgetLogRecords()
Methods common to CNRead and MNRead APIs...
placeholder for setting up certificate manager
remove AuthToken (use session). Remove login() call. Use AccessPolicu object to set public read permission
take getLogRecords impl form CrudService and use in CNCoreImpl
escape quotes when processing returnfield with predicates. example:<returnfield>dataset/dataTable/physical/distribution/online/url[@function='download']</returnfield>
Updated MetacatPopulator to now use ObjectFormatCache.getInstance(). Note: problems remain with the authentication API changes - calls to mn.login(), etc. need to be addressed.
Removed ObjectFormatService in favor of CNCoreImpl
Added support in ResourceHandler for the /formats collection. Added listFormats() and getFormat() method, both of which call CNCoreImpl methods to handle the call.
Updated CNCoreImpl to implement listFormats() and getFormat(), and changed calls to ObjectFormatCache in IdentifierManager, MetacatHandler to call getInstance(). Removed the ObjectFormatService registration from MetaCatServlet since it is replaced by CNCoreImpl.
add option for replicating system metadata (dataone)https://redmine.dataone.org/issues/1626also make sure the latest table changes are included in upgrade scripts
add option for replicating system metadata (dataone)https://redmine.dataone.org/issues/1626
use Data Manager Library to parse EML when needed in DataONE classes.(augmented DML to parse data format elements in EML to estimate MIME type)https://redmine.dataone.org/issues/1634
When calling SystemMetadata.getObjectFormat(), return the string value of the ObjectFormatIdentifier rather than ObjectFormat.toString() (which no longer returns the fmtid string).
When calling SystemMetadata.getObjectFormat(), return the value of the ObjectFormatIdentifier rather than ObjectFormat.toString() (which no longer returns the fmtid string).
organize imports so that it is clearer what dependencies exist on the D1 jars
include create() and reserveIdentifier() methods
include override annotation for register method
use Date not joda's DateTime
expose spatial cache regeneration option in the admin interface
force replication for newly-registered system metadata
Merged in the D1_0_6_2_BRANCH changes that include the transition from ObjectFormat calls to ObjectFormatCache calls.
check system metadata for the id as well (in cases when we only have system metadata)
include GUID column for xml_access and related methods for storing/retrieving access rules
implement the old interface for now (until 0.6.2)
include CNCore implementation - only registerSystemMetadata is implemented at the moment. also - updated d1 jar (0.6.2) should be used since that is where the method is defined.would like to consider making ResourceHandler more modular - seems like it does A LOT of different things
include System Metadata forced replication - just need to figure out when to call it!
handle timed replication of system metadata. there are still a few outstanding issues: -track server location of system metadata-only entries-replication policy flag for system metadata-only entries?-locking for replicated entries?-forced replication of entries
read and write D1 access policy rules from metacat xml_access table.still TBD: which mechanism takes precedence when there are systemMetadata access rules and EML access rules and other access rules?
persist system metadata replication policy and status using db tables
rework SystemMetadata creation when inserting documents via the Metacat servlet api (in which case there was no client-supplued system metadata)
do not look in systemMetadata for a docid->guid mapping
transfer full System Metadata (as XML) during document and data replication
remove docid and rev from systemMetadata table
-remove system metadata guid -> local id mapping (there is no document for system metadata now)-include system metadata elements when replicating data objects (TODO: transfer all system metadata structures with the docinfo request).TODO: remove docid+rev from the systemMetadata table definition
add systemMetadataProvenance table for tracking those relationships
do not use XML files for storing SystemMetadata - use DB tables only.
Modified Metacat to build against the D1_SCHEMA_0_6_1 branch of the dataone schemas by incorporating the 0.6.1-SNAPSHOT version of d1_common and d1_libclient libraries, and refactoring Metacat code references to the d1 schema changed types.
In order to sync up with DataONE 0.6.1 changes, I'm backing out ObjectFormatService changes temporarily in Metacat. Most functionality will be rolled back in using the DataONE 0.6.2 tag, but some methods in ObjectFormatService (such as getListFromDisk()) will be moved into d1_libclient_java.
Changes in the DataONE ObjectFormat class deprecate the convert() method, and we're now using Metacat's ObjectFormatService to look up object format attributes. The following changes replace ObjectFormat.convert() with ObjectFormatService.getFormat() in several classes....
Include the DataONE 0.6.0 type schema in the SQL schema and DTD loader script.
use update method to update the mapping between local and guid (d1) when we get a force replication request that is an "update
generateMissingSystemMetadata was swallowing Exceptions instead of throwing. Refactored so that specific exceptions are thrown, affecting [create/update]SystemMetadata methods, too.
committing changes related to the new restservice update specification (newPid vs. obsoletedGuid)
replace whitespace in generated docid scope (sanparks patch from 1.9.4 branch)
use outputstream as an object, not a string. relax the Map typing to allow for mixed values. (sanparks patch)
use "object_format" element consistently so that it is replicated across instanceshttps://redmine.dataone.org/issues/1514
remove very old "metacat webservice" code - as far as i can tell it is never referenced or used. plus we have eocgrid and the new D1 rest services covering this territory now
zero padded date string in DocumentUtil.generateDocumentId() for readability
Use SystemUtil.getContextURL() in ResourceHandler to construct the DataONE service URL (rather than direct calls to PropertyService). This handles http and https URLs, and strips the :80 or :443 for the well known ports.
Minor changes to MetacatHandler:- Improved logging where MetaCatServlet.class was used in getLogger() rather than MetacatHandler.class (holdover from the refactor)- Minor formatting changes, and replacement of 'MetaCatServlet' with 'MetacatHandler' in the logging output as needed.
improved multipart handling (improved logging messages, code, and error checking). Added exception classname to error output when the generic Exception is thrown. Added error check for cases of null value for file parts 'sysmeta' and 'object.'
added a few debugging lines in createSystemMetadata() related to contents of identifier strings
Modified IdentifierManager.getDocumentInfo() to include the docid in the returned hash map, since it is useful to be able to obtain the docid and rev separately from a given fullDocidWithRev (e.g. test.1.1).
fixing annoying error message inaccuracy
Changed AuthLDAP to deal with cases where getAttributes encounters non-stringattributes (which used to cause a ClassCastException). Now, if an attributevalue can not be cast to string, we catch the class cast exception and justskip this value. This only typically occurs when an LDAP server is set to send...
MOdified MetacatHandler to catch cases where ObjectFormat is not being set properly on data files whengenerating SystemMetadata. When the EML document contains a format for an entity that maps to a nulltype in ObjectFormat.convert(), then the type ends up being null and an error is generated on insertion...
allow "docid override" queries to include the results of a "normal" query - if the operator is left null, it acts as the usual override, otherwise UNION and INTERSECT modes can be used to either augment or refine the results.this is for incorporating semantic+spatial+keyword queries into one query operation/result
remove System.out statements in favor of logging