merge to trunk from 2.6 branch: action=validatesession can handle Authorization token
merge to trunk: debugging statements that were added in 2.6 branch
Merge changes from the 2.6.0 branch in MNodeService.allowUpdating() so it honors the localhost MN certificate.
refs https://projects.ecoinformatics.org/ecoinfo/issues/7018
merge from 2.6 branch: use AuthUtils to get group and equivalent identities rather than manually try to extract groups from subject info (can include incorrect groups for given primary subject). https://github.nceas.ucsb.edu/KNB/arctic-data/issues/163
merge from 2.6 branch: use group subject (not name) when translating Session.subjectInfo into group list for Metacat's DocumentImpl. https://github.nceas.ucsb.edu/KNB/arctic-data/issues/163
Add more information on the error message if the client's certificate is not trusted.
Merge the changes from the 2.6 branch into the trunk, fixing filename construction.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/151
merge from 2.6 branch: add support for EML 2.1.1 in OAI-PMH provider. https://projects.ecoinformatics.org/ecoinfo/issues/7009
merge from 2.6 branch: add method for retrieving access control block from metacat api
Fixed a bug to use an identifier object to get a value in a vector.
Check the chain end if obsoleted by another object.See ticket https://redmine.dataone.org/issues/7624
Use sql command to get some information rather than hazelcast.
merge changes to accommodate multiple alternative identifiers into trunk from 2.6 branch.
Use a hashmap to replace a sql query to improve performance in the getHeadPID method.
In the getHeadPID method, we got the field obsoletedBy from the systemmetadata table rather than the hazelcast service.
Reformat the create and update method.
Close the input stream on the create/update method when the code aborts.
Close the the input stream from the method parameter in the create method.
Merge registry changes into the trunk.
Made the ssl http client not moinitor the stale connections.
Use the new AutoCloseInputStream wrapper for replication. It will close but http client and input stream when the inputStream.close method is called.
Merge minor registry changes from the 2.6 branch back to the trunk.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/107
If a format id in the system metadata is registered in the xml_catalog table, we will use the schema location for the format id to validate the xml instance;otherwise, we will use our previous way.
Add noaa schema items on the xml_catalog table and set the version to 2.7.0
Add the format_id column on the xml_catalog table.
Add the upgrade script which add a new column format_id on the xml_catalog table.It also adds the items for the noaa schema on the xml_catalog table.
Add a fundingElement() method to insert the funding element into the generted EML. Ensure it is added to the template variables hash for maintaining state across stages.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/42
Fix a bug in testing the validity of the CGI Session. It can't be empty or expired.
Change the version to 2.6.0
Validate the session during the modification stage, rather than just assuming a CGI session (support tokens too).
Also, fix the XML document validation issue where an <additionalParty> element is added prior to the <metadataProvider> element. This seems to be an intermittent issue, and may be due to more recent versions of perl returning hash contents more randomly than previous versions. The %orig hash passed in to personnelList() is assumed to be random now, and I just ensured the metadataProvider is first in the produced string....
Modify getCredentials() to support token-based credentials.
Close the input stream object on the MN.replicate method.
use SM.fileName if we have it. https://projects.ecoinformatics.org/ecoinfo/issues/6970
ensure there is a file extension included for the data files in a package download. https://projects.ecoinformatics.org/ecoinfo/issues/6970
We ended up not being able to use IO::Socket::SSL, so I removed the import statement. Also, add the new Perl module dependencies to the installation documentation.
Add code to print the the stack trace on the getPackage method in order to help us to identity some tmp file issues.
Change getUsername() to also support adding usernames into an EML access element from the authentication token's 'sub' claim.Also, add a bit of debugging output for tracing the flow of the XML generation.
Modify the Metacat.pm upload() method to use the correct Content-Type for the form. RFC 2388 specifies that the Content-Type should be "multipart/form-data", and that the Content-Disposition should be "form-data", along with the "name" parameter.
Also handle authentication tokens when uploading data (action=upload) by using Ben's RequestUtil.getSessionData() changes.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/43
dd the hasValidAuthToken() method to determine if the current token (if any) is valid. Use this and validateSession() within the script to determine if we need to call Metacat->login() or not. Add some minor debugging to work through the code stages using auth tokens....
Fix a couple of syntax issues.
Don't forget to set the token variable from the HTTP_AUTHORIZATION environment variable.
Add a setAuthToken() method. when the HTTP_AUTHORIZATION environment variable is set, set the value as the `auth_token_header` instance variable in the Metacat instance passed in. This requires that the Apache installation includes an HTTP rewrite rule to pass the header on to an CGI processing the request. Call this method whenever we instantiate a Metacat object....
Modify the Metacat.pm sendData() method to include the Authorization HTTP header when it's available as an instance variable.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/41
In the isScienceMetacata method, the ServiceFailure exception shouldn't be caught anymore, since the code doesn't throw it.
In order to access the JWT authentication token, we need to configure the Apache installation to pass the Authorization header on to CGI scripts. Do this with mod_rewrite.
allow Metacat API calls to be made by clients providing their identity with a DataONE auth token. https://github.nceas.ucsb.edu/KNB/arctic-data/issues/43
If the user doesn's specify the ldap ca file path on the metacat.properties, it will use the default one.
Add the java code to handle the ezid configuration.
Put a detal code on the InvalidRequest exception in the getPackage method.
If the pid it is a package id in the getPackage method, the method will throw an InvalidRequest exception.
Make sure to close the prepared statement on the final statement.
Close the result and connection in the finally clause to make sure they being closed.
add warning when exception encountered loading SM into map.
Add the dataone create event mapping to the select clause.
map the metacat log event INSERT, upload and UPLOAD to the dataone log event "create"
set authoritative MN to origin MN if the client did not set it on mn.create. https://projects.ecoinformatics.org/ecoinfo/issues/6938
include metacat context in the redirect after successful harvester registration login. https://projects.ecoinformatics.org/ecoinfo/issues/6936
Add a policy_id in the smReplicationPolicy table to help preserver the order of the nodes list.
Use the "order by" to preserve the nodes order in the replication policy.
Use the ServiceFailure to replace the InvalidRequest when it is the read-only mode (CN throws the exception).
In the replicate method, the checking of the read-only mode was moved from MNodeService class to the MNResourceHandler class since it is asynchronized.
The systemmetadataChanged method is asynchronized, so we put the read-only checking on the ResourceHandler class.
Add the code to check if the mn is on the read-only mode.
Add the code to check if the metacat is in the read-only mode.
Add the code to handle the read-only mode.
Add a class to determine if the metacat is in the readonly mode.
Add the check that only the administrator can shrink the connection pool.
Close the sql statements on the four methods - getGUID, getHeadPID, systemMetadataSIDExist and systemMetadataPIDExist.
Close some prepared sql statement in the summarize method.
merge from branch: only check for d1 rightsholder when checking permissions in original metacat code base, otherwise legacy access control tests in metcat begin to fail. https://redmine.dataone.org/issues/7560
include check for d1 rightsholder when checking permissions in original metacat code base. https://redmine.dataone.org/issues/7560
Add the sql file for the upgrading.
merge from 2.5.x branch: neglected to replace solr schema during 2.5.0 upgrade - this will do it for 2.5.1.
Escape the user names, group name and other information in the xml format.
Add the keyword "select" into the list.
Reset the xml_catalog_id sequence value to the max value of the table.
remove "al" prefix from subquery since we are only querying one table and do not need to use a prefix.
merge from 2.5 branch: use subquery to do paging before joining to identifier table. https://redmine.dataone.org/issues/7491
Add more statement to debug the query performance.
Use conditional method for retrieving server URL (http vs https). When metacat is configured to force SSL communication we get the https url, otherwise we get http. this allows us to use the DBTransform on localhosts that are not using SSL.
Fixed a bug that the publish method should throw an io exception.
Move the editScienceMetadata method to the MNodeService class - only update packageId in EML on publish()
update documentation to reference Tomcat 7, Java 7 and newer apache config file name conventions. https://projects.ecoinformatics.org/ecoinfo/issues/6855
Fixed a bug in the condition check for the archive field in the updateSystemMetadata method.
The archived field can't be reset to false if it is true in the systemMetadataChanged method.
Doesn't allow to reset the archived field to be false if the field is true in the updateSystemMetadata method.
In the systemMetadataChanged method, we will update system metadata when the local serial version is less than or equals the comming one.
refs #7453: modified the metacatLog message from mn.synchronizationFailed to include the syncFailed.message field. Also increased the log level to WARN.
Remove the method editScienceMetadata from the update method. This method will add a packageId attribute into the eml document. Lauren will add the method to the publish method.
In the systemMetadataChanged method, the object will be archived if the new archive value is true and old value is false.The log event is recorded in the systemMetadataChanged method as well.
Make the isAuthoritativeNode throw exception if some value is null.
In the updateSystemMetadata method, we avoid to log the event twice for archive=true.
In the setReplicationStatus method, it only notified the replicas when the status is completed. Now we added the status - failed and invalid.
use idFilter for v2 getLogRecords() to match v2 API definition.
refs #7419: refactored CNodeService implementations to not throw IdentifierNotUnique for hasReservation.
In the reindex method, the error message will be sent back.
In the create method, the modification date is reset only on the objects whose authoritative member node is v1.
In the deleteReplicationMetadata method, the modification date of the system metadata will not be reset.