Metacat

In hasPermission method, a situation was considered: if no user and group, the permssion will be true. This is for the command line invocation.

Method endElement in AccessControList was revised. A feature that put access document itset into xml_access was added.

In hasPermission method, a rule for access document is implements. If user want to write a access document, it should hhave "all" permission.
The permission for access document now is looking up in xml_access table directly, rather get same permission to data set document.

In order to increase data file docid, method registerDocument was revised. Now it not only insert a new data file record to xml_documents table, but also can update the data file documents. Moreover, it can archieve the old version to xml_revisions table. Two other private methods were added to handl these futures: deleteXMLDocuments and getLatestRevisionNumber.

fixed my tagging error

some small changes I had to make to get the QAENGINE demo to work right. this should be committing in a branch

We decided that the permission for a user to an access documents is as same as to the data set document(which contains the access document). In order to do this, we need to look-up xml-relation table. If we could find the data set document id, just check the id. If we couldn't find one, we need check if the user is owner. If it is, has permission. Otherwise, doesn't have.

Add a new method getDataSetId to the class. The permission policy for access documents is: the user will have the same permission as data set file. (There is no entry in xml_access table for access document.

Add a throwing exception in hasPermission and hasReadPermission methods.

Add a throwing exception in haspermission method.

A constructor for this class was added. In the new constructor, user can specify the revision number he want to update. In method writeDocumentToDB, when a update action happend, the rev number would not automatictlly to add one, but it can go to specified number. This is for bug 417.

A constructor was added to this class. In this constructor, user can specify the revision number he want to update. And the number can be passed into a DocumentImpl object constructor in startElement method. But the number should be greater than current number in database.

A method named getLastRevisionNumber was added. And condition for checking accession number was revised too. Now metacat wouldn't refuse a revsion number which is 2 or more greater than current revision number in the database. This is for bug 417.

Access document was added to exported data package too.

The method - hasAllowRule was revised. If a action -read or update was approved, all ticket count of allow rule entries for this action will minus one if the entries have ticket count number (not null).

The two hasPermission methods were rewritten. Some logic bugs were fixed. Now user, public and group will not be checked speratedly, but they will be check together as string array. In order to do this, private methods isAccessDocument, containDocumentOwner, isAllowFirst, hasAllowRule, hasExplicitDenyRule, hasImplicitDenyRule, and createUsersPackage were added.

In method transformXMLDocument, if no style sheet registered was found for the input document, the document will be send back, rather than use util.DebugMessge to print.

Only delete some incorrect comment.

When user request a data package, the old version documents would be exported. Only export the request one.

During the export function. Every document will be check if the user has the permission to read or not.

The feature of check permission before Metacat handle a "read" action. If user doesn't have permission, its request will be rejected.
After creating a DocumentImpl object. A method named hasReadPermission in that class will be called to make sure the user has permission to read it.

A method named hasReadPermission was added. The method will check if a user has permission toread a xml document.

A new method named hasPermissionToExportPackage was added. So when MetaCat handle export action, it will check if user has permission to read the data package. If it has, MetaCat will export a zip output stream to it. Otherwise, MetaCat will be through a exception.

Code to handle "read" permission was changed in hasPermission method. The old code used old way to look up the public_access field in xml_documents table.

A new action named export was add to it. This action will export a zip output stream for a data package. In the zip output stream, meta data documents, data files and a html summary file are include. The stucture will looks like:
package----/metadata/metadata docments...

Two metacat util methods were add. One is getDocIdFromString and the other is getVersionFromString. They output a docid and revision if a string like str1.str2.str3. were passed to them.

A method named transformXmlDocument were overload. It transform an XML document to StringWriter using the stylesheet reference from the db.

A public method named getZippedPackage() and other relative private methods were add to this class. The public method can give a zip output stream if a docid and other parameters were passed to it.

Some code format problem was fixed.

The bug was fixed.
After a referral exception happend, we should set enviroment properties again before creating a contex. These environment properties include PROVIDER_URL, SECURITY_PRINCIPLE, SECURITY_CREDENTIALS, REFERRAL, and INITIAL_CONTEXT_FACOTRY. Otherwise, you couldn't get a naming exception.

Authentication bug was fixed (bug 408).
However, it needs to test if referral cotaining a referral.

Please check it.

In order to fix bug 408 (authentication), some important variables' values
were followed.

Set the qformat parameter so the stylesheets can use it for conditional
processing.

fixed error I introduced when I got postgres working

updated metacat so that the xmlparserv2.jar file is no longer needed. replaced all of teh oracle xml processing with xalan and xerces.

made a ton of changes related to keeping oracle SQL code out of the main classes. fixed a bug where the timing of the index thread was off so when it went to index a document, the document was not already in xml_documents thus breaking the FK relation between xml_documents and xml_index. I think that bug might be the reason for the blank resultset screens in morpho. made the postgres implementation much more robust.

updated postgres sql script so that it creates the same table structure as the oracle script. removed a bunch of \t tabs that were messing things up

removed because this is no longer used. it was causing a compile error when using postgres because it directly imports the oracle driver.

fixed bug with ampersands in the returned relations in the resultset.

added a manual timeout to counteract the hideously long ldap time out that is encountered when a referred ldap server is down.

updated the referral mechanism so that metacat doesn't crash when a referral server is not available

made it so we can now use multiple accessfilestypes and packagdfiletypes in the metacat.properties file. Also fixed a bug introduced when the 'http://' was removed from behind the server name in the loaddtd.sql script and the knb.xml file

Updated documentation to reflect new installprocess.

Modified build.xml to properly copy the docs into the distribution, which
required some changes in the ant token filtering scheme.

Improvements to the build process that make it easier to install the DTDs
form EML. There are now three new targets in the build.xml file:

getdtd: uses cvs to get a working copy of a tagged release of eml
  instdtd: copies the DTDs from the build directory to the install directory...

Updated the SQL for loading DTD references to use the correct file
names and paths and identifiers.

updated for new eml release

Fixed the getUsers() and getPrincipals() methods so that they no longer
fail when large result sets are requested. The problem was that the
LDAP server was returning a "size limit exceeded" message when the resultset
from the query exceeded the default limit of 500 entries. Now we...

Re-enabled referrals which I had turned off for debugging purposes.

Modified AuthLdap to fix the may problems associated with group and user
queries. Now the getGroups() and getUsers() methods work as advertised,
and there is a test of each of the methods in "main" for testing purposes.
Simplified the class substantially. Fixed the getAttributes method as...

fixed error where person with 'all' permission could not update the access file.

fixed error where person with 'all' permission could not update the access file.

fixed referral catching mechanism in authLdap.ldapAuthenticate() so that it will refer through a bunch of linked servers instead of just one....I still haven't figured out why the getGroups method wont work.

fixed the error where the ldap authenticate took 15 seconds to execute

I think i have fixed the ldap referral bug. the test lter account that david made for me works, however I would like matt or someone more knowedgeable with ldap to please check my code. the changes I made are around line 200 of AuthLdap. I put a comment in the source where the code needs to be checked.

Fix for bug #309 so that Metacat will now follow LDAP referrals. Previously
the default was to ignore referrals. Now we explictly set the JNDI
Context.REFERRAL value to the value in the metacat.propert "referral".
The metacat.properties file has been modified to add the "referral" property,...

added new permission 'changepermission' and made 'all' inclusive for all permissions

fixed access control bug. the character data in the sax parser was not getting trimmed and causing problems. also fixed hard coded eml-dataset public id in the web index file

Added new beta5 version of eml-software dtd, and added to catalog.

removed the stylesheet sql script since we don't need it anymore

Added new DTD files for the new release of EML. Changed the naming
convention for all new DTDs, so the public IDs are now consistently
versioned.

Updated metacat login semantics. Now, metacat assumes the username passed
in is the 'full' distinguished name of the user. If that fails, then
instead it tries looking up the string and seeing if it can determine
what the DN is, then uses it. The preferred method of logging in via...

Fixed the function to return the max id for a given scope. Now the function
takes a parameter named 'scope' and returns the largest docid that has been
used under that scope in this metacat instance (it used to return the most
recently created docid, which is clearly different). For compatibility with...

fixed bug where the whole filename of a data file was not appended to the file input stream so metacat just returned a null document

Fixed problem with metacat handleReadAction where the OutputStream from the
response object was closed and an attempt to reopen a PrintWriter was made
on the same response, which is illegal. Now the OutputStream is converted
to a PrintWriter in order to write the XML error message back to the client....

removed errant comment that was causing an error in the xml_documents table

fixed to get groupnames for a user using any identifying name

added insert statement for eml-attribute-2.0.dtd entry in xml_catalog

for action=servercontrol&subaction=add
added function for downloading of the certificate file
from the specified URL of the source server
and uploading it onto this server

changes in replication to use https

fix around one way replication:
when server A sends document to the servers in its list of replication servers with replicate=1 in xml_replication table,
the server B received the document does NOT need the opposite check on its end.

fixed error:
writing on the replication server required the whole acc# (including the rev#)

Fixed bug in metacat where an Exception was thrown when a search returned
an empty resultset. Now we avoid the function call that threw the exeption.

Added support for multiple user interfaces by enabling style sheet
transformations to be configured from within metacat rather than
from in the database. Now, metacat uses the qformat parameter to determine
a "style set", which is mapped to an xml configuration file that...

small fix to enable resolving external entities included in the DTD;
external entities are now resolved successfully by DBEntityResolver using the specified system ids
and thus there no need of registering the relative system ids,
This is because EntityResolver uses its internal implementation to map the relative system ids to the...

Removed the requirement that the relationship for ACL associations be
"isRelatedTo". Now the relationship in the triple can be anything, like
"describes access control rules for". This doesn't affect the ACL
processing because it is based on the ACL document type, not the...

changes to store namespace prefixes separately from the local names of nodes (elements and attributes)
in xml_nodes.nodeprefix column

added nodeprefix column to xml_nodes table for storing of namespace prefixes per nodes

Revised build.xml and metacat.properties to make it easier to
install alternative stylesheets for metacat. In the process,
replaced the deprecated copydir and copyfile commands in build.xml
with appropriate "copy" commands.

added support for Namespaces.
Metacat now can store and retrieve XML documents with Namespaces.
Namespace is stored as separate record in xml_nodes table with type "NAMESPACE"
where nodename is the prefix and nodedata is the uri of the namespace.

fixed an error of NullPointerException

- when the Access file goes first before the Package file (eml-dataset-2.0)
relations are not available in xml_relation, thus updated the code
to check and run ACL also after the Package file is saved.
- cut out the rev# from subject and object in xml_relation as needed by ACL...

fixed error with out of cursors error because pstmts were not getting closed in DBQuery

look for relationship "isRelatedTo" b' that is the word that is used in the triples

updated with the new eml modules

added new dtds

fixed the compilation bug about the change of group parameter in DocumentImpl.write()

added support for multiple group membership

Changed the constructors so that the nodeRecordList is automatically
retrieved by the DocumentImpl(Connection,String) constructor. this
restores its earlier behavior, but the implementation is totally
done by DocumentImpl(Connection,String,boolean).

Added fix to DocumentImpl that showed problems when the DocumentImpl(conn)
constructor was called. Now there is a new constructor:
DocumentImpl(Connection, String, boolean)
where the boolean value is used to determine if the nodeset should be
read a t the time the cosntructor is called. if false, then...

Completely removed the socket-server feature that used to provide
file upload. It is now replaced by multipart/form-data over http.

Modified Metacat to support large data file uploads. This is accomplished
by supporting a new content type for data sent to metacat:
multipart/form-data
which allows multiple files to be sent in a standard MIME format. The
MetacatServlet.handleGetOrPost() method now checks the incoming content...

Simplified ReplicationHandler:
It is run now in the same thread started from DBSAXHandler;
thus the same connection opened in that thread is used,
i.e. no need for new connection and no complains as "Connection is closed" in ReplicationHandler;
"Connection is closed" error happens when in the current thread there are try to use connection opened in another thread,...

support for the new terms included in pathquery.dtd

http://bugzilla.ecoinformatics.org/show_bug.cgi?id=248
Included utility function about gettig the latest docid for a user:
DBUtil.getLastDocid(username).
Metacat parameters:
action='getlastdocid'
username

don't need to override the old meta_file_id tags with docid without rev
since Morpho inserts docids before sending the docs to Metacat

added the new software module

added constructor in DocumentImpl for use in DBQuery.findDocuments();
this new constructor is used with getDocumentInfo() to get the doc info only;
because the other constructor builds the whole xml doc which is not needed here and time consuming;
this happens on backtracking only.

updated script with new eml20 dtds

fixed bug - hardcoded LDAP URL

made use of the new property for ldaps url;
it is used for secure connection to LDAP server listening on second port 636 by default with SSL sockets;
it is used from Metacat for the authetication process only;
all the rest communications with LDAP server are made on the default port 389 with plain sockets