Project

General

Profile

Statistics
| Revision:

# Date Author Comment
7142 04/19/2012 02:04 PM ben leinfelder

remove extraneous pid and permission parameters from isAdminAuthorized() method and make public so that it can be called in other locations - namely before our asynchronous replicate() implementation on the MN.

7141 04/19/2012 01:50 PM ben leinfelder

check for empty null (missing) node.subjectList. This should probably be a required element in the D1 schema, but it appears not. (ORNL entry was missing subjects in cn-dev environment)

7140 04/19/2012 11:57 AM ben leinfelder

just use the e.getMessage() as e.getCause() may be null (seeing NPE when testing via the MN IT tester)

7139 04/18/2012 04:04 PM ben leinfelder

check for empty null (missing) node.subjectList. This should probably be a required element in the D1 schema, but it appears not. (ORNL entry was missing subjects in cn-dev environment)

7137 04/17/2012 03:15 PM ben leinfelder

no not record EML access rules that use the "denyFirst" permOrder.
https://redmine.dataone.org/issues/2614

7136 04/17/2012 09:20 AM ben leinfelder

needed to initialize the nodeList that stores matching nodes (by subject) -- this was the source of a NPE when we had a matching node subject.

7135 04/16/2012 05:38 PM ben leinfelder

do not create docid-guid mapping unless we are supposed to write access rules for the data to the dbase
https://redmine.dataone.org/issues/2572

7134 04/13/2012 04:40 PM Chris Jones

As Ben suggested, don't compare to the node list if there are no replicas listed. This reduces the number of calls to listNodes() on the CN.

7133 04/13/2012 04:32 PM Chris Jones

Minor logging change in throwing ServiceFailure when Hazelcast throws a RuntimeException.

7132 04/13/2012 04:07 PM Chris Jones

Modify getSystemMetadata() to allow nodes that are listed as replicas to access the system metadata. Use the Session.Subject to find a list of nodes from the CN that match the subject, and compare those node ids to the listed replica node ids. Add listNodesBySubject() helper method to do so.

7129 04/10/2012 10:42 AM ben leinfelder

save backup properties before attempting node registration/update so that we don't "forget" the user input

7128 04/09/2012 03:18 PM ben leinfelder

add a parameter for optionally writing EML-embedded access control rules to the Metacat DB.
https://redmine.dataone.org/issues/2584
https://redmine.dataone.org/issues/2583

7127 04/06/2012 04:22 PM ben leinfelder

added comments and logging about https://redmine.dataone.org/issues/2572

7126 04/06/2012 03:01 PM ben leinfelder

generalize the exception handling because our actions are the same no matter what the specific error is during create - we just notify the CN that the replicate call failed

7125 04/06/2012 02:58 PM ben leinfelder

catch general Exception that may be thrown during MN.replicate() when creating the object locally. There are a few records that keep slipping off our radar with no explanation as to why they remain in "REQUESTED" status.

7124 04/06/2012 01:53 PM ben leinfelder

do not download data at this point

7123 04/06/2012 01:53 PM ben leinfelder

catch errors for each localid we are processing so that they do do prevent other ids from having ORE content generated

7122 04/06/2012 01:52 PM ben leinfelder

additional debug logging for tracking down MN replication errors

7121 04/06/2012 01:35 PM ben leinfelder

only 2.1.0 EML docs for ORE generation right now...

7120 04/05/2012 04:28 PM ben leinfelder

band-aid for CN-CN replication permOrder issue when access control is embedded in EML and the system metadata is replicated before the EML. we just log the inconsistency and allow the insert to succeed
https://redmine.dataone.org/issues/2583

7117 04/04/2012 04:55 PM ben leinfelder

add comment about returning early when no system metadata can be found.
removed extraneous check on the content type of the SM -- was unused.
formatted indenting

7116 04/04/2012 04:49 PM ben leinfelder

for SystemMetadata events we first check the event for the SM value. If it returns null, we look it up from the shared map. It seems as if we don't always get a value with our events.

7115 04/04/2012 03:35 PM ben leinfelder

comment out: synchronize local system metadata on cn restart

7114 04/03/2012 01:31 PM ben leinfelder

synchronize local system metadata on cn restart

7113 04/03/2012 11:58 AM ben leinfelder

additional logging in MN.replicate()

7112 04/03/2012 11:32 AM ben leinfelder

double check "ecogrid" data urls for valid docid.rev - namely integer rev numbers - when parsing EML and also generating system metadata when necessary. Log the errors as warnings.

7111 04/02/2012 04:11 PM ben leinfelder

log calls to store() system metadata to the backing store

7109 04/02/2012 11:50 AM ben leinfelder

register stmml-1.1 schema (distributed as part of EML 2.1.0) in an effort to avoid unnecessary network traffic or the failed retrieval of the stale XSD sitting on unofficial servers

7108 03/30/2012 05:24 PM ben leinfelder

Add the listener for LifecycleEvent state changes

7107 03/30/2012 05:23 PM ben leinfelder

synchronizeLocalStore() when the cluster has a LifecycleEvent state change to RESUMED.

7106 03/29/2012 02:48 PM ben leinfelder

refactor memberAdded code to separate method - synchronizeLocalStore for possible reuse

7105 03/29/2012 11:19 AM ben leinfelder

handle last group of ids (oops)

7104 03/29/2012 10:33 AM ben leinfelder

use range of the list for test system metadata

7103 03/29/2012 08:48 AM ben leinfelder

use non-random list for generating system metadata in test mode

7102 03/28/2012 03:19 PM ben leinfelder

include debug statements for systemMetadataReplicationStatus and systemMetadataReplicationPolicy SQL

7101 03/28/2012 11:08 AM ben leinfelder

change ordering of getLogRecords() parameter -- pidFilter is in the middle now

7100 03/28/2012 10:21 AM ben leinfelder

use 'formatId' for listObjects() parameter
https://redmine.dataone.org/issues/2550

7099 03/27/2012 04:35 PM ben leinfelder

upgrade to latest RC in libclient and common jars -- includes updated getLogRecords and new mn.generateIdentifier method

7098 03/27/2012 02:25 PM ben leinfelder

-use MembershipListener to keep new members' backing store for system metadata synchronized with the shared system metadata map.
-remove the unused InstanceListener interface

7097 03/27/2012 09:22 AM Chris Jones

Modify deleteReplica() to use parameters parsed from the mime multipart entity rather than the request params. Need to check that the unit test uses MMP params. This partially addresses https://redmine.dataone.org/issues/2526.

7096 03/27/2012 09:11 AM Chris Jones

Modify CN.setObsoletedBy() to use parameters parsed from the mime multipart entity rather than the request params. Need to check that the unit test uses MMP params. This partially addresses https://redmine.dataone.org/issues/2526.

7095 03/27/2012 08:53 AM Chris Jones

Modify reserveIdentifier() to use parameters parsed from the mime multipart entity rather than the request params. Need to check that the unit test uses MMP params. This partially addresses https://redmine.dataone.org/issues/2526.

7094 03/27/2012 08:29 AM Chris Jones

Don't throw a JibXException, but rather convert it to a ServiceFailure.

7093 03/27/2012 08:27 AM Chris Jones

Modify owner() to set the rights holder from parameters parsed from the mime multipart entity rather than the request params. Need to check that the unit test uses MMp params. This partially addresses https://redmine.dataone.org/issues/2526.

7092 03/27/2012 07:42 AM Chris Jones

Add a collectMultipartParams() convenience method to D1ResourceHandler to parse multipart parameters from the entity when the entity contains no file parts.

7091 03/26/2012 04:25 PM ben leinfelder

add logging statements when there is a problem calling setReplicationStatus

7090 03/26/2012 03:11 PM Chris Jones

Get the serialVersion param from the MMP params map rather than the request object params map in setAccess().

7089 03/26/2012 02:10 PM Chris Jones

Add a few more debugging statements to HazelcastService for troubleshooting hazelcast map concurrency.

7088 03/23/2012 05:22 PM ben leinfelder

handle case where EML access rule "permission" is not in our constrained list (EML 2.0.0 doc showed this with a "none" permission for public principal). we now omit this invalid access rule when interpreting it in system metadata -- effectively dropping that invalid access rule. "none" had been stored as a 0 in the DB xml_access table and would not have given or denied access for the document so I think it can safely be omitted for good. for example, see knb-lter-gce.101.2 with this rule:...

7087 03/22/2012 09:31 PM Chris Jones

Use Jjava.util.Calendar rather than com.ibm ...

7086 03/22/2012 03:14 PM Chris Jones

Also allow MNs to set the FAILED status in setReplicationStatus(). this was an oversight on my part, trying to keep MNs that truly did succeed from overriding the COMPLETED status with FAILED.

7085 03/22/2012 12:13 PM ben leinfelder

use Java-based temp file creation instead of Date (ms) timestamp to ensure uniqueness of the file and avoid re-use by two concurrent threads.

7084 03/21/2012 11:26 AM ben leinfelder

use current datetime (at system metadata generation) as the date last modified

7083 03/19/2012 06:14 PM Chris Jones

Don't check for populated obsoletes and obsoletedBy fields during CN.create(), only MN.create(). The CN should expect that the MN has populated this field because of existing revision information, and should trust the MN information. Addresses https://redmine.dataone.org/issues/2507.

7082 03/19/2012 06:08 PM Chris Jones

Some minor logging changes.

7081 03/19/2012 12:40 PM ben leinfelder

use scope prefix (knb-lter-%) for random test doc population

7079 03/19/2012 10:12 AM ben leinfelder

use isAdminAuthorized() to check access to CN.create(). Note this method takes a pid and permission parameter and neither is used. Also removed the NotFound exception because it would never come up.

7078 03/19/2012 10:01 AM ben leinfelder

check that caller is CN/admin for CN.delete()
https://redmine.dataone.org/issues/2506

7077 03/19/2012 09:52 AM ben leinfelder

include CN.delete()
https://redmine.dataone.org/issues/2506

7076 03/16/2012 04:07 PM Chris Jones

Notify each replica MN when critical portions of system metadata change so the MN can pull the latest copy into its store. AccessPolicy and RightsHolder changes are the most critical for the MN to keep updated on.

7075 03/16/2012 11:40 AM Chris Jones

Only allow CNs to call MN.synchronizationFailed() by calling isAdminAuthorized(). The pid must also be valid.

7074 03/15/2012 07:50 PM Chris Jones

Modify CNodeService.setReplicationStatus() slightly to restrict MN-based calls to only set the status to COMPLETED. The CNs should be setting failures or invalidations, or the status can remain at QUEUED or REQUESTED, and the MNAuditTask can revisit those replicas as needed.

7073 03/15/2012 07:14 PM Chris Jones

Add a notifyReplicaNodes() method that calls MNStorage.systemMetadataChanged() on MN replica nodes for a given object identifier. This will be called when there are changes to AccessPolicy and rights holder since these are critical access metadata for an MN, but they can only be changed on the CN.

7072 03/15/2012 12:10 PM Chris Jones

Add some debugging statements in isAuthorized().

7071 03/15/2012 12:08 PM Chris Jones

In setReplicationStatus(), first check for a replica target MN subject match with the session subject. If this fails, look to see if CN admin access is allowed. Otherwise throw NotAuthorized. Addresses https://redmine.dataone.org/issues/2494

7070 03/15/2012 11:46 AM ben leinfelder

do not allow "Metacat-conforming" identifiers to be used. "test.1.001" is interpreted as "test.1.1" which renders "test.1.002" unusable unless a traditional Metacat "update" is used for that id/revision which contradicts the DataONE use of Identifiers that have no lexical requirements for revisions.

7069 03/15/2012 08:08 AM ben leinfelder

check for session when checking administrative authorization

7068 03/14/2012 12:02 PM Chris Jones

Remove individual calls to isAdminAuthorized() in favor of the centralized isAuthorized() call that handles it now.

7067 03/14/2012 11:57 AM Chris Jones

Incorporate isAdminAuthorized() into isAuthorized() for blanket CN access to objects.

7066 03/13/2012 04:00 PM ben leinfelder

check for null Session before continuing with setReplicationStatus()
https://redmine.dataone.org/issues/2476#note-3

7065 03/13/2012 03:09 PM ben leinfelder

do not attempt to parse empty file for the failure (BaseException serialization). There are cases when this is not given (failure="") when there is not a failure.
https://redmine.dataone.org/issues/2476

7064 03/13/2012 03:05 PM ben leinfelder

check for null session (public) calls to MN.replicate() before passing it to the asynchronous implementation

7063 03/13/2012 02:58 PM ben leinfelder

do not replicate if session is null

7062 03/13/2012 02:19 PM ben leinfelder

throw not authorized when attempting to getReplica as an invalid/non-existent node

7061 03/13/2012 12:19 PM ben leinfelder

transitive properties for mapped subjects:
-group membership
-verified flag
https://redmine.dataone.org/issues/2430
https://redmine.dataone.org/issues/2432

7060 03/13/2012 11:24 AM ben leinfelder

check group membership defined at group level (in addition to membership defined as part of of the Person level)
https://redmine.dataone.org/issues/2429

7059 03/13/2012 10:43 AM ben leinfelder

logging for permission checks - trying to nail down details of MN checking

7058 03/13/2012 10:08 AM ben leinfelder

use Event.CREATE.xmlValue() when converting "insert" to "create"
http://redmine.dataone.org/issues/2471

7057 03/12/2012 08:20 PM ben leinfelder

log records should be inclusive of fromDate parameter (>=)
https://redmine.dataone.org/issues/2471

7056 03/12/2012 04:38 PM ben leinfelder

use Timestamp object from results, not a new Date object from that Timestamp object

7055 03/12/2012 12:12 PM ben leinfelder

add an alternative method for loading system metadata identifiers but leave it commented out. We may find that using the ObjectList method is too much overhead, but it will always be consistent with what metacat reports for listObjects().

7054 03/12/2012 12:09 PM ben leinfelder

add note about long-running load for shared system metadata map

7053 03/12/2012 12:08 PM ben leinfelder

increase amount of text the 'xml_path_index.path' column can accommodate. I was seeing errors like this during indexing:
knb 20120312-11:42:05: [ERROR]: DocumentImpl.buildIndex - SQL Exception while indexing document knb-lter-and.3147 : ERROR: value too long for type character varying(1000) [edu.ucsb.nceas.metacat.DocumentImpl]

7052 03/09/2012 12:40 PM pippin

Added the following values to the HTTPD site configuration:
JkOptions +ForwardURICompatUnparsed
AllowEncodedSlashes On
AcceptPathInfo On

7051 03/08/2012 04:16 PM Chris Jones

If PID is not part of the multipart params, we end up with a NullPointerException. Throw an InvalidRequest in this case rather than ServiceFailure resulting from the NPE.

7049 03/08/2012 02:21 PM ben leinfelder

translate "insert" events in Metacat as Event.CREATE events ("create") for DataONE
https://redmine.dataone.org/issues/2461

7048 03/08/2012 11:18 AM ben leinfelder

for good measure, use the D1 encoding util for url decoding the parameters for listObjects
https://redmine.dataone.org/issues/2460

7047 03/08/2012 10:42 AM ben leinfelder

log record paging:
-use start and count parameters
-if start+count exceeds the total number of records, then only return from start to the end of the list
-if start exceeds total record count, start at the end of the list (will be empty list)
https://redmine.dataone.org/issues/2458

7046 03/07/2012 02:49 PM Chris Jones

Use 'fromDate' and 'toDate' as listObject param filters to comply with the API documentation. We had changed this in MNResourceHandler, but somehow missed it in CNResourceHandler.

7045 03/07/2012 02:30 PM ben leinfelder

check whether mapping (

7044 03/06/2012 08:26 PM ben leinfelder

catch additional NotFound exception for: "do not include log entries for documents that the caller is not allowed to read." https://redmine.dataone.org/issues/2444

7043 03/06/2012 02:03 PM ben leinfelder

serialize exception in header for describe response when there is a BaseException
https://redmine.dataone.org/issues/2440

7042 03/06/2012 01:41 PM ben leinfelder

do not include log entries for documents that the caller is not allowed to read. https://redmine.dataone.org/issues/2444

7041 03/06/2012 01:35 PM ben leinfelder

use revision provided in the docid when looking up guid. had been using latest revision which I think incorrectly reports on the log history.
noticed this when looking at: https://redmine.dataone.org/issues/2444

7039 03/05/2012 06:30 PM Chris Jones

A minor change to isAuthorized() - compare each Person in the SubjectInfo (not just the primary Subject) since each person could have an equivalent identity mapped to the primary Subject. Add debug logging for the comparison.

7038 03/05/2012 04:36 PM ben leinfelder

added debug logging
https://redmine.dataone.org/issues/2429

7037 03/05/2012 04:27 PM ben leinfelder

check if verified flag is null before evaluating (NPE during MN Auth test)
https://redmine.dataone.org/issues/2429

7035 03/05/2012 09:58 AM ben leinfelder

fixed Oracle script issues identified by: Brian Turcotte <>. He provided the fixes, so thank you!

7034 03/01/2012 02:20 PM ben leinfelder

do not include stylesheet for list of checksum algorithms -- there is no template for it and therefore looks blank in a browser

7030 02/24/2012 02:21 PM Chris Jones

Globally change the property 'dataone.memberNodeId' to 'dataone.nodeId'. This is more useful for both MNs and CNs implemented in Metacat. Also, change D1NodeService.getLogRecords() to return log entries with the actual node id rather than the IP address (looks like a cut/paste error)....