Revision 10001
Added by Jing Tao over 7 years ago
| Eml210SAXHandler.java | ||
|---|---|---|
| 118 | 118 |
private Writer inlineDataFileWriter = null; |
| 119 | 119 |
|
| 120 | 120 |
private String inlineDataFileName = null; |
| 121 |
|
|
| 122 |
private String identifier = null; |
|
| 121 | 123 |
|
| 122 | 124 |
DistributionSection currentDistributionSection = null; |
| 123 | 125 |
|
| ... | ... | |
| 157 | 159 |
// + "when they don't have write permission!"; |
| 158 | 160 |
|
| 159 | 161 |
private static final String UPDATEACCESSERROR = "User tried to update an " |
| 160 |
+ "access module when they don't have \"ALL\" permission!";
|
|
| 162 |
+ "access module when they don't have \"ALL\" permission on the object ";
|
|
| 161 | 163 |
|
| 162 | 164 |
private static final String TOPLEVEL = "top"; |
| 163 | 165 |
|
| ... | ... | |
| 210 | 212 |
PermissionController control = new PermissionController(previousDocid ); |
| 211 | 213 |
if (!control.hasPermission(user, groups, AccessControlInterface.ALLSTRING) |
| 212 | 214 |
&& !control.hasPermission(user, groups, AccessControlInterface.CHMODSTRING) |
| 213 |
&& action != null) {
|
|
| 215 |
&& action != null && writeAccessRules) {
|
|
| 214 | 216 |
needToCheckAccessModule = true; |
| 215 | 217 |
unChangeableAccessSubTreeVector = getAccessSubTreeListFromDB(); |
| 216 | 218 |
} |
| ... | ... | |
| 219 | 221 |
} catch (Exception e) {
|
| 220 | 222 |
throw new SAXException(e.getMessage()); |
| 221 | 223 |
} |
| 224 |
try {
|
|
| 225 |
identifier = IdentifierManager.getInstance().getGUID(docid, Integer.valueOf(revision)); |
|
| 226 |
} catch (Exception e) {
|
|
| 227 |
identifier = docid+"."+revision; |
|
| 228 |
logMetacat.warn("Eml210SAXHandler.Eml210SAXHandler - we can't get object identifier for metacat id "+identifier);
|
|
| 229 |
} |
|
| 222 | 230 |
} |
| 223 | 231 |
|
| 224 | 232 |
/* |
| ... | ... | |
| 556 | 564 |
if (processingTopLevelAccess && needToCheckAccessModule) {
|
| 557 | 565 |
compareElementNameSpaceAttributes( |
| 558 | 566 |
currentUnchangeableAccessModuleNodeStack, namespaces, atts, |
| 559 |
localName, UPDATEACCESSERROR); |
|
| 567 |
localName, UPDATEACCESSERROR+identifier);
|
|
| 560 | 568 |
|
| 561 | 569 |
} |
| 562 | 570 |
|
| ... | ... | |
| 750 | 758 |
"\t access node data from db: " + dbAccessData + "\n" + |
| 751 | 759 |
"\t access node data from document: " + docAccessData); |
| 752 | 760 |
|
| 753 |
throw new SAXException(UPDATEACCESSERROR + " [Eml210SAXHandler.compareAccessTextNode]"); |
|
| 761 |
throw new SAXException(UPDATEACCESSERROR +identifier+ " [Eml210SAXHandler.compareAccessTextNode]");
|
|
| 754 | 762 |
}// if |
| 755 | 763 |
} |
| 756 | 764 |
|
| ... | ... | |
| 974 | 982 |
|
| 975 | 983 |
logMetacat.error("Access node stack is not empty after "
|
| 976 | 984 |
+ "parsing access subtree"); |
| 977 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 985 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 978 | 986 |
|
| 979 | 987 |
} |
| 980 | 988 |
// reset access section object |
| ... | ... | |
| 1040 | 1048 |
// compare top level access module |
| 1041 | 1049 |
if (processingTopLevelAccess && needToCheckAccessModule) {
|
| 1042 | 1050 |
compareCommentNode(currentUnchangeableAccessModuleNodeStack, str, |
| 1043 |
UPDATEACCESSERROR); |
|
| 1051 |
UPDATEACCESSERROR+identifier);
|
|
| 1044 | 1052 |
} |
| 1045 | 1053 |
endNodeId = currentNode.writeChildNodeToDB("COMMENT", null, str, docid);
|
| 1046 | 1054 |
if (needToCheckAccessModule |
| ... | ... | |
| 1136 | 1144 |
// compare whitespace in access top module |
| 1137 | 1145 |
if (processingTopLevelAccess && needToCheckAccessModule) {
|
| 1138 | 1146 |
compareWhiteSpace(currentUnchangeableAccessModuleNodeStack, data, |
| 1139 |
UPDATEACCESSERROR); |
|
| 1147 |
UPDATEACCESSERROR+identifier);
|
|
| 1140 | 1148 |
} |
| 1141 | 1149 |
// Write the content of the node to the database |
| 1142 | 1150 |
if (needToCheckAccessModule |
| ... | ... | |
| 1276 | 1284 |
AccessSection oldAccessObj = getAccessSectionFromUnchangableAccessVector(referenceId); |
| 1277 | 1285 |
// if oldAccessObj is null something is wrong |
| 1278 | 1286 |
if (oldAccessObj == null) {
|
| 1279 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1287 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 1280 | 1288 |
}// if |
| 1281 | 1289 |
else {
|
| 1282 | 1290 |
// Get the node stack from old access obj |
| ... | ... | |
| 1347 | 1355 |
// make sure stack1 and stack2 are not empty |
| 1348 | 1356 |
if (stack1.isEmpty() || stack2.isEmpty()) {
|
| 1349 | 1357 |
logMetacat.error("Because stack is empty!");
|
| 1350 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1358 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 1351 | 1359 |
} |
| 1352 | 1360 |
// go throw two stacks and compare every element |
| 1353 | 1361 |
while (!stack1.isEmpty()) {
|
| ... | ... | |
| 1359 | 1367 |
record2 = stack2.pop(); |
| 1360 | 1368 |
} catch (EmptyStackException ee) {
|
| 1361 | 1369 |
logMetacat.error("Node stack2 is empty but stack1 isn't!");
|
| 1362 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1370 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 1363 | 1371 |
} |
| 1364 | 1372 |
// if two records are not same throw a exception |
| 1365 | 1373 |
if (!record1.contentEquals(record2)) {
|
| 1366 | 1374 |
logMetacat.error("Two records from new and old stack are not " + "same!");
|
| 1367 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1375 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 1368 | 1376 |
}// if |
| 1369 | 1377 |
}// while |
| 1370 | 1378 |
|
| ... | ... | |
| 1372 | 1380 |
if (!stack2.isEmpty()) {
|
| 1373 | 1381 |
logMetacat |
| 1374 | 1382 |
.error("stack2 still has some elements while stack " + "is empty! ");
|
| 1375 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1383 |
throw new SAXException(UPDATEACCESSERROR+identifier);
|
|
| 1376 | 1384 |
}// if |
| 1377 | 1385 |
}// comparingNodeStacks |
| 1378 | 1386 |
|
| ... | ... | |
| 1436 | 1444 |
|| currentController.hasPermission(user, groups, "WRITE") |
| 1437 | 1445 |
) |
| 1438 | 1446 |
) {
|
| 1439 |
throw new SAXException(UPDATEACCESSERROR + " id: " + dataDocid);
|
|
| 1447 |
throw new SAXException(UPDATEACCESSERROR + identifier +" for the data object "+dataDocid);
|
|
| 1440 | 1448 |
} |
| 1441 | 1449 |
} catch (SQLException sqle) {
|
| 1442 | 1450 |
throw new SAXException( |
| ... | ... | |
| 1457 | 1465 |
PermissionController controller = new PermissionController(previousDocid); |
| 1458 | 1466 |
|
| 1459 | 1467 |
if (!controller.hasPermission(user, groups, "WRITE")) {
|
| 1460 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1468 |
throw new SAXException(UPDATEACCESSERROR+identifier+ " for an inline object");
|
|
| 1461 | 1469 |
} |
| 1462 | 1470 |
} catch (SQLException sqle) {
|
| 1463 | 1471 |
throw new SAXException( |
| ... | ... | |
| 1979 | 1987 |
) {
|
| 1980 | 1988 |
onlineDataFileIdInTopAccessVector.add(guid); |
| 1981 | 1989 |
} else {
|
| 1982 |
throw new SAXException(UPDATEACCESSERROR); |
|
| 1990 |
throw new SAXException(UPDATEACCESSERROR+identifier+" for the data object "+previousDocid);
|
|
| 1983 | 1991 |
} |
| 1984 | 1992 |
} |
| 1985 | 1993 |
}// try |
Also available in: Unified diff
Add the identifier information in the exception when users try to change the access section but they don't have all permission.