beef up isAuthorized method to check for "public" access rules and also for the rights holder
do not delete if the sysmeta doesn't exist
Use 'synchronization_failed' for the event string in synchronizationFailed(), and add a TODO to use the event enum when the 0.6.3 types are updated.
return all public objects for the search() method [for now]
Changed 'guid' to 'pid' to be in line with the D1 API.
simplify the MN rest servlet mapping to match CN mappings - also streamlined the handler code to share extra path info parsing
add space to error message
route all /d1/cn/* traffic through the CNRestServlet/Handler -- inspect the pathInfo when deciding what action to take and also strip off any extra parts (like pid).include query() method pass-through to CNodeService
add the old ecogrid query code (still commented out) from the old Rest handler
allow service implementation method to throw exception when guid parameter is null
allow parameters to be omitted in reserveIdentifier handling
implement reserveIdentifier() and check whether the id is reserved when creating records (only allow the create when the Subject creating matches the Subject who reserved it -- currently stored in rightsHolder)
allow for provisional SystemMetadata records (provisional=true)
remove extraneous update() call when create() does the call for us
use monitor() return value when processing response
throw exceptions up the call stack and handle exception reporting/serialization centrally in the handle() method
use logging, not system.out
consolidate session management and parameter preparation in the superclass
throw exceptions up the call stack rather than catching and handling them differently for each possible rest path
consolidate multi part handling in the super class - subclasses need only call the appropriate helper to get access to the needed resources. superclass does some validation to make sure the files are in place in the request
cleaning up the handlers -- removing superclass methods.
refactor to use D1RestServlet and D1ResourceHandler for the D1 rest interface
deprecate the old rest servlet in favor of the new D1-specific (CN/MN) versions
MN rest servlet, handler and mappings
share getSystemMetadata (before refactoring the superclass)
share getSystemMetadata (before refactoring this superclass)
Add placeholder NotImplemented exceptions for getOperationsStatistics() and getCapabilities() in MNodeService.
Implement MNCore.ping() by testing for a successful database connection.
Minor housekeeping - tabs to spaces.
Implement update() in MNodeService. Handle both XML science metadata updates and data object updates. Keep system metadata up to date, and log the update event.
Make isScienceMetadata() protected for access from subclasses.
Add insertSystemMetadata() to D1NodeService, wrap the exception handling from calls to IdentifierManager.
Add updateSystemMetadata() to D1NodeService as a helper method to wrap the exception handling from calls to IdentifierManager.
At Ben's suggestion, add metacatUrl to D1NodeService and make it available to subclasses. Set the metacatUrl in the constructor using SystemUtil rather than all roll your own PropertyService calls. More concise. Also, log the delete event in MNodeService.delete().
add CNRestServlet and mappings for urls in the form:/d1/cn/*This extends existing code for CN-specific handling. MN handling will be analogous and is forthcoming
share the deserializer method with subclasses
throw NotAllowed in MNodeService.delete() when isAuthorized() returns false.
Implement the MNStorage.delete() MNodeService. There is debate about what permissions are needed to 'delete' an object (archive it in metacat terms): D1 'WRITE' (metacat 'write') or D1 CHANGE_PERMISSION (metacat 'all'). For now we are using CHANGE_PERMISSION until it is ironed out.
add shared operations for authorization
share tempDir method with subclasses
make RestServlet and ResourceHandler extendible for D1 CN and MN handlers
use session member variable now that we actually have it
isAuthorized: check for nulls in Session subjects, catch any unexpected errors and deny access when in doubt
remove CrudService calls in favor of MNodeService
Remove setParamsFromRequest() from D1NodeService. This was called (previously as CrudService) from ResourceHandler, but will be deprecated in favor of manually creating a param map for each method that needs to pass params on to MetacatHandler.
Implement [MN|CN]Storage.create() in D1NodeService. Since MetacatHandler requires an IP for event logging, we pass in the metacat URL (hold over from CrudService). To do this in the abstract D1NodeService, change the constructors to take metacatUrl as a parameter and get the URL from the metacat properties file in getInstance() of the subclasses. Needs testing.
include URL in resolve() method as well as placeholder for preference
Metacat does not implement CNRegister
Implement CNRead.synchronizationFailed() in MNodeService. Note: The CN URL is not yet available in the SynchronizationFailed exception, but will be once the d1_common_java exception is updated. See https://redmine.dataone.org/issues/1656. Once updated, change this method to explicitly state the CN URL making the call.
Change Metacathandler.read() to be public since it's internal to Metacat, and use read() in D1NodeService after isAuthorized() for the calling Subject from the Session object.
add missing comma in xml_replication insert
Implement MNRead.listObjects() in MNodeService.
Implement MNRead.describe() in MNodeService.
Implement MNRead.getChecksum() in MNodeService.
Minor formatting changes - tabs to spaces, indents, etc.
Implement [MN|CN]Read.get() in D1NodeService. Added setParamsFromRequest() to pass through parameters from the request object. Since the D1 Authorization API doesn't specify which authentication system a subject belongs to, we don't know if the subject listed is a KNB LDAP DN. isAuthorized() may return true for a mapped identity, but we don't know the DN of the KNB identity per se. This needs to be tested.
-use every Subject in the session (alt Ids and Group membership)-consolidate to single isAuthorized method
throw exception for unimplemented methods
implement resolve() method
implement assertRelation
implement CNReplication.setReplicationStatus() but with a note about selecting which replica's status should be set (right now it is all)
implement CNReplication.setReplicationPolicy
correction: implementation is CN-specific
implement getChecksum() in the superclass
implement getChecksum (retrieves from system metadata)
use shared get() method from superclass
use shared getLogRecords method
Remove isAuthorized(), setAccessPolicy(), and getLogRecords() methods since they're implemented in the superclass.
use Permission, not Event for isAuthorized() methods
merge changes from 1.9.5 branch for upgrade process (1.9.3->1.9.4->1.9.5)
do not delete the access rules when we "archive" the document on "delete" (commented out for now)
allow reading from xml_revision table when we are the doc owner
CNCoreImpl is replaced by CNodeService
implement CNAuthorization
Metacat does not implement CNIdentity - it is a stand-alone service
implement registerSystemMetadata
implement object format methods - using a separate class to do the actual metacat lookup/caching so that teh CN implementation looks cleaner
implement getLogRecords
include latest D1 common/lib changes
Initial check in of the MNodeService stub methods that implement the D1 MN* interfaces. CrudService methods will be transitioned into this class. The methods follow the D1 0.6.2 API thus far.
Also changed CNodeService to reflect minor changes to the D1NodeService class.
Add a static getInstance() method to CNodeService and make CNodeService a singleton.
Initial check in of the CNodeService stub methods that implement the D1 CN* interfaces. CNCoreImpl methods will be transitioned into this class. The methods follow the D1 0.6.2 API thus far.
CNAuthorization.isAuthorized() and MNAuthorization.isAuthorized() differ. Removed it from the base class.
getChecksum() is intentionally different on the CN vs MN, so I'm removing it as a common method.
Initial check in of the D1NodeService class that provides methods common to both CNodeService and MNodeService implementation classes. The common API methods are:
Methods common to CNCore and MNCore APIsgetLogRecords()
Methods common to CNRead and MNRead APIs...
placeholder for setting up certificate manager
remove AuthToken (use session). Remove login() call. Use AccessPolicu object to set public read permission
take getLogRecords impl form CrudService and use in CNCoreImpl
escape quotes when processing returnfield with predicates. example:<returnfield>dataset/dataTable/physical/distribution/online/url[@function='download']</returnfield>
Updated MetacatPopulator to now use ObjectFormatCache.getInstance(). Note: problems remain with the authentication API changes - calls to mn.login(), etc. need to be addressed.
Removed ObjectFormatService in favor of CNCoreImpl
Added support in ResourceHandler for the /formats collection. Added listFormats() and getFormat() method, both of which call CNCoreImpl methods to handle the call.
Updated CNCoreImpl to implement listFormats() and getFormat(), and changed calls to ObjectFormatCache in IdentifierManager, MetacatHandler to call getInstance(). Removed the ObjectFormatService registration from MetaCatServlet since it is replaced by CNCoreImpl.
add option for replicating system metadata (dataone)https://redmine.dataone.org/issues/1626also make sure the latest table changes are included in upgrade scripts
add option for replicating system metadata (dataone)https://redmine.dataone.org/issues/1626
use Data Manager Library to parse EML when needed in DataONE classes.(augmented DML to parse data format elements in EML to estimate MIME type)https://redmine.dataone.org/issues/1634
When calling SystemMetadata.getObjectFormat(), return the string value of the ObjectFormatIdentifier rather than ObjectFormat.toString() (which no longer returns the fmtid string).
When calling SystemMetadata.getObjectFormat(), return the value of the ObjectFormatIdentifier rather than ObjectFormat.toString() (which no longer returns the fmtid string).
organize imports so that it is clearer what dependencies exist on the D1 jars
include create() and reserveIdentifier() methods