Project

General

Profile

« Previous | Next » 

Revision 1509

Added by Jing Tao almost 22 years ago

Add code to checking if user update a subtree it doesn't have write permission.

View differences:

src/edu/ucsb/nceas/metacat/EmlSAXHandler.java
72 72 
   private Stack subTreeInfoStack = new Stack();
73 73 
   private Vector subTreeList = new Vector();// store the final subtree
74 74 
   private int inLineDataIndex = 1;
75 
   private Hashtable unChangableSubtree;
76 
   private Stack currentUnChangedableSubtreeNodeStack;
77 
   private boolean startCriticalSubTree = false;
78 
   private boolean firstElementForCriticalSubTree = false;
79 
   private String firstElementNameForCriticalSubTree;
75 80
76 81
77 82 
   // Constant
......
81 86 
   private static final String ID ="id";
82 87 
   private static final String REFERENCES = "references";
83 88 
   public  static final String INLINE = "inline";
84
89 
   private static final String PERMISSIONERROR ="User try to update a subtree"+
90 
                               " which it doesn't have write permission!";
85 91
86 92 
    /** Construct an instance of the handler class
87 93 
    * In this constructor, user can specify the version need to upadate
......
99 105 
    */
100 106 
   public EmlSAXHandler(DBConnection conn, String action, String docid,
101 107 
     String revision, String user, String[] groups, String pub, int serverCode)
108 
                              throws SAXException
102 109 
   {
103 110 
     super(conn, action, docid, revision, user, groups, pub, serverCode);
111 
     // Get the unchangable subtrees (user doesn't have write permission)
112 
     try
113 
     {
114 
       PermissionController control = new PermissionController(docid);
115 
       unChangableSubtree = getUnchangableSubTree(control, user, groups);
116 
     }
117 
     catch (Exception e)
118 
     {
119 
       throw new SAXException(e.getMessage());
120 
     }
104 121 
   }
105 122
123 
   /* Pass a permission control and get the list of unchangable subtree*/
124 
   private Hashtable getUnchangableSubTree(PermissionController controller,
125 
                                           String user, String[]groups)
126 
                                           throws Exception
127 
   {
128 
     Hashtable list = null;
129 
     Hashtable result = new Hashtable();
130 
     // get unwritable sutree from controller
131 
     list = controller.hasUnaccessableSubTree(user, groups,
132 
                                          AccessControlInterface.WRITESTRING);
133 
      if (list != null)
134 
      {
135
136 
         Enumeration en = list.elements();
137 
         while (en.hasMoreElements())
138 
         {
139 
           // Get  a subtree without node record list
140 
           SubTree treeWithoutStack = (SubTree)en.nextElement();
141 
           String subTreeId   = treeWithoutStack.getSubTreeId();
142 
           MetaCatUtil.debugMessage("unchangable subtree id: " + subTreeId, 40);
143 
           long   startNodeId = treeWithoutStack.getStartNodeId();
144 
           MetaCatUtil.debugMessage("unchangable subtree startnodeid: " +
145 
                                    startNodeId, 40);
146 
           long   endNodeId   = treeWithoutStack.getEndNodeId();
147 
           MetaCatUtil.debugMessage("unchangable subtree endnodeid: " +
148 
                                     endNodeId, 40);
149 
           // Get a subtree has the nodelist
150 
           SubTree tree = new SubTree(docid, subTreeId, startNodeId, endNodeId);
151 
           // add this tree to the result
152 
           result.put(subTreeId, tree);
153
154 
          }//while
155
156 
      }//if
157
158 
      return result;
159 
   }
160
106 161 
   /** SAX Handler that is called at the start of each XML element */
107 162 
   public void startElement(String uri, String localName,
108 163 
                            String qName, Attributes atts)
......
269 324 
       }
270 325 
       else if (attributeName !=null && attributeName.equals(ID))
271 326 
       {
327 
         //check unchangedable subtree hash if contains this subtree id
328 
         if (unChangableSubtree.contains(attributeValue))
329 
         {
330 
           // this subtree couldn't be changed by the user
331 
           SubTree currentUnChangedableSubtree = (SubTree)
332 
                                        unChangableSubtree.get(attributeValue);
333 
           currentUnChangedableSubtreeNodeStack = currentUnChangedableSubtree.
334 
                                                         getSubTreeNodeStack();
335 
           startCriticalSubTree = true;
336 
           firstElementForCriticalSubTree = true;
337 
         }
338
272 339 
         // handle subtree info
273 340 
         SubTree subTress = new SubTree();
274 341 
         // set sub tree id
......
333 400 
     // Add the node to the vector used by thread for writing XML Index
334 401 
     nodeIndex.addElement(currentNode);
335 402
403 
    // handle critical subtree
404 
    if (startCriticalSubTree && firstElementForCriticalSubTree)
405 
    {
406 
      //store the element name
407 
      firstElementNameForCriticalSubTree = qName;
408 
    }//for first element
409 
    else if (startCriticalSubTree)
410 
    {
411 
      //Get element subtree node stack (element node)
412 
      NodeRecord node = (NodeRecord) currentUnChangedableSubtreeNodeStack.pop();
413 
      // if this node is not element or local name not equal or name space not
414 
      // equals, throw an exception
415 
      if (!node.getNodeType().equals("ELEMENT") ||
416 
          !localName.equals(node.getNodeName()) ||
417 
          (uri != null && !uri.equals(node.getNodePrefix())))
418 
      {
419 
        throw new SAXException(PERMISSIONERROR);
420 
      }
421 
      //compare attributes
422 
      for (int i=0; i<atts.getLength(); i++)
423 
      {
424 
        NodeRecord attriNode = (NodeRecord)
425 
                                    currentUnChangedableSubtreeNodeStack.pop();
426 
        String attributeName = atts.getQName(i);
427 
        String attributeValue = atts.getValue(i);
428 
        if (!attriNode.getNodeType().equals("ATTRIBUTE") ||
429 
            !attributeName.equals(attriNode.getNodeName()) ||
430 
            !attributeValue.equals(attriNode.getNodeData()))
431 
        {
432 
          throw new SAXException(PERMISSIONERROR);
433 
        }
434 
      }
435
436 
    }//
336 437 

  		




  337
  438
  
    
  }


  		




  338
  439
  
    
  


  		












Also available in:  Unified diff