Revision 2045
Added by Jing Tao over 20 years ago
| src/edu/ucsb/nceas/metacat/AuthSession.java | ||
|---|---|---|
| 53 | 53 |
this.authClass = util.getOption("authclass");
|
| 54 | 54 |
this.authService = (AuthInterface)createObject(authClass); |
| 55 | 55 |
} |
| 56 |
|
|
| 57 |
/** |
|
| 58 |
* Get the new session |
|
| 59 |
*/ |
|
| 60 |
public HttpSession getSessions() |
|
| 61 |
{
|
|
| 62 |
return this.session; |
|
| 63 |
} |
|
| 56 | 64 |
|
| 57 | 65 |
/** |
| 58 | 66 |
* determine if the credentials for this session are valid by |
| ... | ... | |
| 72 | 80 |
{
|
| 73 | 81 |
groups = new String[0]; |
| 74 | 82 |
} |
| 75 |
this.session = getSession(request, username, password, groups);
|
|
| 83 |
this.session = createSession(request, username, password, groups);
|
|
| 76 | 84 |
String sessionId = session.getId(); |
| 77 | 85 |
message = "Authentication successful for user: " + username; |
| 78 | 86 |
this.statusMessage = formatOutput("login", message, sessionId);
|
| ... | ... | |
| 94 | 102 |
} |
| 95 | 103 |
|
| 96 | 104 |
/** Get new HttpSession and store username & password in it */ |
| 97 |
private HttpSession getSession(HttpServletRequest request,
|
|
| 105 |
private HttpSession createSession(HttpServletRequest request,
|
|
| 98 | 106 |
String username, String password, |
| 99 | 107 |
String[] groups) |
| 100 | 108 |
throws IllegalStateException {
|
| ... | ... | |
| 104 | 112 |
|
| 105 | 113 |
// if it is still in use invalidate and get a new one |
| 106 | 114 |
if ( !session.isNew() ) {
|
| 115 |
MetaCatUtil.debugMessage("in session is not new", 40);
|
|
| 116 |
MetaCatUtil.debugMessage("the old session id is : " +
|
|
| 117 |
session.getId(), 30); |
|
| 118 |
MetaCatUtil.debugMessage("the old session username : " +
|
|
| 119 |
session.getAttribute("username"), 30);
|
|
| 107 | 120 |
session.invalidate(); |
| 121 |
MetaCatUtil.debugMessage("in session is not new", 40);
|
|
| 108 | 122 |
session = request.getSession(true); |
| 109 | 123 |
} |
| 110 | 124 |
// store the username, password, and groupname (the first only) |
| ... | ... | |
| 115 | 129 |
if ( groups.length > 0 ) {
|
| 116 | 130 |
session.setAttribute("groupnames", groups);
|
| 117 | 131 |
} |
| 118 |
|
|
| 132 |
MetaCatUtil.debugMessage("the new session id is : " +
|
|
| 133 |
session.getId(), 30); |
|
| 134 |
MetaCatUtil.debugMessage("the new session username : " +
|
|
| 135 |
session.getAttribute("username"), 30);
|
|
| 119 | 136 |
return session; |
| 120 | 137 |
} |
| 121 | 138 |
|
| src/edu/ucsb/nceas/metacat/QuerySpecification.java | ||
|---|---|---|
| 167 | 167 |
* @param myName the user name |
| 168 | 168 |
*/ |
| 169 | 169 |
public void setUserName(String myName) |
| 170 |
{
|
|
| 171 |
this.userName = myName; |
|
| 170 |
{
|
|
| 171 |
//to lower case |
|
| 172 |
if (myName != null) |
|
| 173 |
{
|
|
| 174 |
this.userName = myName.toLowerCase(); |
|
| 175 |
} |
|
| 176 |
else |
|
| 177 |
{
|
|
| 178 |
this.userName = myName; |
|
| 179 |
} |
|
| 172 | 180 |
} |
| 173 | 181 |
|
| 174 | 182 |
/** |
| ... | ... | |
| 196 | 204 |
ownerQuery = "SELECT docid FROM xml_documents WHERE "; |
| 197 | 205 |
if (userName != null && !userName.equals(""))
|
| 198 | 206 |
{
|
| 199 |
ownerQuery = ownerQuery + "user_owner ='"+ userName +"'";
|
|
| 207 |
ownerQuery = ownerQuery + "lower(user_owner) ='"+ userName +"'";
|
|
| 200 | 208 |
} |
| 201 | 209 |
|
| 202 | 210 |
MetaCatUtil.debugMessage("OwnerQuery: "+ownerQuery, 30);
|
| ... | ... | |
| 226 | 234 |
// add allow rule for user name |
| 227 | 235 |
if (userName != null && !userName.equals(""))
|
| 228 | 236 |
{
|
| 229 |
allowQuery = allowQuery +"(principal_name = '" + userName
|
|
| 237 |
allowQuery = allowQuery +"(lower(principal_name) = '" + userName
|
|
| 230 | 238 |
+"' AND perm_type = 'allow'" |
| 231 | 239 |
+" AND (permission='4' OR permission='7'))"; |
| 232 | 240 |
} |
| 233 | 241 |
// add allow rule for public |
| 234 |
allowQuery = allowQuery +"OR (principal_name = '" + PUBLIC
|
|
| 242 |
allowQuery = allowQuery +"OR (lower(principal_name) = '" + PUBLIC
|
|
| 235 | 243 |
+"' AND perm_type = 'allow'" |
| 236 | 244 |
+" AND (permission='4' OR permission='7'))"; |
| 237 | 245 |
|
| ... | ... | |
| 243 | 251 |
String groupUint = group[i]; |
| 244 | 252 |
if (groupUint != null && !groupUint.equals(""))
|
| 245 | 253 |
{
|
| 246 |
allowQuery = allowQuery +" OR (principal_name = '" + groupUint |
|
| 254 |
groupUint = groupUint.toLowerCase(); |
|
| 255 |
allowQuery = allowQuery +" OR (lower(principal_name) = '" + groupUint |
|
| 247 | 256 |
+"' AND perm_type = 'allow'" |
| 248 | 257 |
+" AND (permission='4' OR permission='7'))"; |
| 249 | 258 |
}//if |
| ... | ... | |
| 275 | 284 |
// add deny rule for user name |
| 276 | 285 |
if (userName != null && !userName.equals(""))
|
| 277 | 286 |
{
|
| 278 |
denyQuery = denyQuery +"(principal_name = '" + userName
|
|
| 287 |
denyQuery = denyQuery +"(lower(principal_name) = '" + userName
|
|
| 279 | 288 |
+"' AND perm_type = 'deny' " |
| 280 | 289 |
+"AND perm_order ='allowFirst'" |
| 281 | 290 |
+" AND (permission='4' OR permission='7'))"; |
| 282 | 291 |
} |
| 283 | 292 |
// add deny rule for public |
| 284 |
denyQuery = denyQuery +"OR (principal_name = '" + PUBLIC
|
|
| 293 |
denyQuery = denyQuery +"OR (lower(principal_name) = '" + PUBLIC
|
|
| 285 | 294 |
+"' AND perm_type = 'deny' " |
| 286 | 295 |
+"AND perm_order ='allowFirst'" |
| 287 | 296 |
+" AND (permission='4' OR permission='7'))"; |
| ... | ... | |
| 294 | 303 |
String groupUint = group[i]; |
| 295 | 304 |
if (groupUint != null && !groupUint.equals(""))
|
| 296 | 305 |
{
|
| 297 |
denyQuery = denyQuery +" OR (principal_name = '" + groupUint |
|
| 306 |
groupUint = groupUint.toLowerCase(); |
|
| 307 |
denyQuery = denyQuery +" OR (lower(principal_name) = '" + groupUint |
|
| 298 | 308 |
+"' AND perm_type = 'deny' " |
| 299 | 309 |
+"AND perm_order ='allowFirst'" |
| 300 | 310 |
+" AND (permission='4' OR permission='7'))"; |
| ... | ... | |
| 715 | 725 |
Enumeration en = ownerList.elements(); |
| 716 | 726 |
while (en.hasMoreElements()) {
|
| 717 | 727 |
String current = (String)en.nextElement(); |
| 728 |
if (current != null) |
|
| 729 |
{
|
|
| 730 |
current = current.toLowerCase(); |
|
| 731 |
} |
|
| 718 | 732 |
if (first) {
|
| 719 | 733 |
first = false; |
| 720 |
self.append(" user_owner = '" + current + "'");
|
|
| 734 |
self.append(" lower(user_owner) = '" + current + "'");
|
|
| 721 | 735 |
} else {
|
| 722 |
self.append(" OR user_owner = '" + current + "'");
|
|
| 736 |
self.append(" OR lower(user_owner) = '" + current + "'");
|
|
| 723 | 737 |
} |
| 724 | 738 |
} |
| 725 | 739 |
self.append(") ");
|
| ... | ... | |
| 774 | 788 |
sql.append("(");
|
| 775 | 789 |
sql.append("startnodeid NOT IN (SELECT startnodeid from xml_access, xml_documents ");
|
| 776 | 790 |
sql.append(" WHERE xml_access.docid = xml_documents.docid");
|
| 777 |
sql.append(" AND xml_documents.user_owner ='");
|
|
| 791 |
sql.append(" AND lower(xml_documents.user_owner) ='");
|
|
| 778 | 792 |
sql.append(userName); |
| 779 | 793 |
sql.append("' AND xml_access.startnodeid IS NOT NULL)");
|
| 780 | 794 |
sql.append(")");
|
| src/edu/ucsb/nceas/metacat/DBQuery.java | ||
|---|---|---|
| 814 | 814 |
*/ |
| 815 | 815 |
private String getOwnerQuery(String owner) |
| 816 | 816 |
{
|
| 817 |
if (owner != null) |
|
| 818 |
{
|
|
| 819 |
owner = owner.toLowerCase(); |
|
| 820 |
} |
|
| 817 | 821 |
StringBuffer self = new StringBuffer(); |
| 818 |
|
|
| 822 |
|
|
| 819 | 823 |
self.append("SELECT docid,docname,doctype,");
|
| 820 | 824 |
self.append("date_created, date_updated, rev ");
|
| 821 | 825 |
self.append("FROM xml_documents WHERE docid IN (");
|
| ... | ... | |
| 825 | 829 |
self.append(") \n");
|
| 826 | 830 |
self.append(") ");
|
| 827 | 831 |
self.append(" AND (");
|
| 828 |
self.append(" user_owner = '" + owner + "'");
|
|
| 832 |
self.append(" lower(user_owner) = '" + owner + "'");
|
|
| 829 | 833 |
self.append(") ");
|
| 830 | 834 |
return self.toString(); |
| 831 | 835 |
} |
| src/edu/ucsb/nceas/metacat/MetaCatUtil.java | ||
|---|---|---|
| 419 | 419 |
|
| 420 | 420 |
return docId; |
| 421 | 421 |
}//getDocIdFromString |
| 422 |
|
|
| 422 | 423 |
|
| 424 |
|
|
| 423 | 425 |
/** |
| 424 | 426 |
* Utility method to get version number from a given string |
| 425 | 427 |
* @param string, the given string should be these two format: |
| ... | ... | |
| 516 | 518 |
}//getVersionFromString |
| 517 | 519 |
|
| 518 | 520 |
/** |
| 521 |
* This method will get docid from an AccessionNumber. There is no assumption |
|
| 522 |
* the accessnumber will be str1.str2.str3. It can be more. So we think |
|
| 523 |
* the docid will be get rid of last part |
|
| 524 |
*/ |
|
| 525 |
public static String getDocIdFromAccessionNumber(String accessionNumber) |
|
| 526 |
{
|
|
| 527 |
String docid = null; |
|
| 528 |
if (accessionNumber == null) |
|
| 529 |
{
|
|
| 530 |
return docid; |
|
| 531 |
} |
|
| 532 |
String seperator=getOption("accNumSeparator");
|
|
| 533 |
int indexOfLastSeperator = accessionNumber.lastIndexOf(seperator); |
|
| 534 |
docid=accessionNumber.substring(0, indexOfLastSeperator); |
|
| 535 |
MetaCatUtil.debugMessage("after parsing accessionnumber, docid is " +
|
|
| 536 |
docid, 30); |
|
| 537 |
return docid; |
|
| 538 |
} |
|
| 539 |
|
|
| 540 |
/** |
|
| 541 |
* This method will call both getDocIdFromString and |
|
| 542 |
* getDocIdFromAccessionNumber. So first, if the string looks |
|
| 543 |
* str1.str2, the docid will be str1.str2. |
|
| 544 |
* If the string is str1.str2.str3, the docid will be str1.str2. |
|
| 545 |
* If the string is str1.str2.str3.str4 or more, the docid will be |
|
| 546 |
* str1.str2.str3. |
|
| 547 |
* If the string look like str1, null will be returned |
|
| 548 |
* |
|
| 549 |
*/ |
|
| 550 |
public static String getSmartDocId(String str) |
|
| 551 |
{
|
|
| 552 |
String docid = null; |
|
| 553 |
//call geDocIdFromString first. |
|
| 554 |
docid = getDocIdFromString(str); |
|
| 555 |
// If docid is null, try to call getDocIdFromAccessionNumber |
|
| 556 |
// it will handle the seperator more than2 |
|
| 557 |
if (docid == null) |
|
| 558 |
{
|
|
| 559 |
docid = getDocIdFromAccessionNumber(str); |
|
| 560 |
} |
|
| 561 |
MetaCatUtil.debugMessage("The docid get from smart docid getor is " +
|
|
| 562 |
docid, 30); |
|
| 563 |
return docid; |
|
| 564 |
} |
|
| 565 |
|
|
| 566 |
/** |
|
| 567 |
* This method will get revision from an AccessionNumber. There is no assumption |
|
| 568 |
* the accessnumber will be str1.str2.str3. It can be more. So we think |
|
| 569 |
* the docid will be get rid of last part |
|
| 570 |
*/ |
|
| 571 |
public static int getRevisionFromAccessionNumber(String accessionNumber) |
|
| 572 |
throws NumberFormatException |
|
| 573 |
{
|
|
| 574 |
String rev = null; |
|
| 575 |
int revNumber =-1; |
|
| 576 |
if (accessionNumber == null) |
|
| 577 |
{
|
|
| 578 |
return revNumber; |
|
| 579 |
} |
|
| 580 |
String seperator=getOption("accNumSeparator");
|
|
| 581 |
int indexOfLastSeperator = accessionNumber.lastIndexOf(seperator); |
|
| 582 |
rev =accessionNumber.substring(indexOfLastSeperator+1, |
|
| 583 |
accessionNumber.length()); |
|
| 584 |
revNumber = Integer.parseInt(rev); |
|
| 585 |
MetaCatUtil.debugMessage("after parsing accessionnumber, rev is " +
|
|
| 586 |
revNumber, 30); |
|
| 587 |
return revNumber; |
|
| 588 |
} |
|
| 589 |
|
|
| 590 |
|
|
| 591 |
/** |
|
| 519 | 592 |
* Method to get the name of local replication server |
| 520 | 593 |
*/ |
| 521 | 594 |
public static String getLocalReplicationServerName() |
| src/edu/ucsb/nceas/metacat/MetaCatServlet.java | ||
|---|---|---|
| 315 | 315 |
HttpSession sess = request.getSession(true); |
| 316 | 316 |
if (sess.isNew() && !params.containsKey("sessionid")) {
|
| 317 | 317 |
// session expired or has not been stored b/w user requests |
| 318 |
MetaCatUtil.debugMessage("in session is new or no sessionid", 40);
|
|
| 318 | 319 |
username = "public"; |
| 319 | 320 |
sess.setAttribute("username", username);
|
| 320 | 321 |
} |
| 321 | 322 |
else |
| 322 | 323 |
{
|
| 324 |
MetaCatUtil.debugMessage("in session is not new or " +
|
|
| 325 |
" has sessionid parameter", 40); |
|
| 323 | 326 |
try |
| 324 | 327 |
{
|
| 325 | 328 |
if(params.containsKey("sessionid"))
|
| 326 | 329 |
{
|
| 327 | 330 |
sess_id = ((String[])params.get("sessionid"))[0];
|
| 331 |
MetaCatUtil.debugMessage("in has sessionid " + sess_id, 40);
|
|
| 328 | 332 |
if(sessionHash.containsKey(sess_id)) |
| 329 | 333 |
{
|
| 334 |
MetaCatUtil.debugMessage("find the id " + sess_id +
|
|
| 335 |
" in hash table", 40); |
|
| 330 | 336 |
sess = (HttpSession)sessionHash.get(sess_id); |
| 331 | 337 |
} |
| 332 | 338 |
} |
| 333 | 339 |
else |
| 334 | 340 |
{
|
| 341 |
// we already store the session in login, so we don't need here |
|
| 342 |
/*MetaCatUtil.debugMessage("in no sessionid parameter ", 40);
|
|
| 335 | 343 |
sess_id = (String)sess.getId(); |
| 336 |
sessionHash.put(sess_id, sess); |
|
| 344 |
MetaCatUtil.debugMessage("storing the session id "+ sess_id +
|
|
| 345 |
" which has username " + sess.getAttribute("username") +
|
|
| 346 |
" into session hash in handleGetOrPost method", 35); |
|
| 347 |
sessionHash.put(sess_id, sess);*/ |
|
| 337 | 348 |
} |
| 338 | 349 |
} |
| 339 | 350 |
catch(IllegalStateException ise) |
| ... | ... | |
| 344 | 355 |
} |
| 345 | 356 |
|
| 346 | 357 |
username = (String)sess.getAttribute("username");
|
| 358 |
MetaCatUtil.debugMessage("The user name from session is: "+
|
|
| 359 |
username, 20); |
|
| 347 | 360 |
password = (String)sess.getAttribute("password");
|
| 348 | 361 |
groupnames = (String[])sess.getAttribute("groupnames");
|
| 349 | 362 |
} |
| 350 |
} |
|
| 351 | 363 |
|
| 352 |
//make user user username should be public |
|
| 353 |
if (username == null || (username.trim().equals("")))
|
|
| 354 |
{
|
|
| 355 |
username = "public"; |
|
| 364 |
//make user user username should be public |
|
| 365 |
if (username == null || (username.trim().equals("")))
|
|
| 366 |
{
|
|
| 367 |
username = "public"; |
|
| 368 |
} |
|
| 369 |
MetaCatUtil.debugMessage("The user is : "+ username, 5);
|
|
| 356 | 370 |
} |
| 357 |
|
|
| 358 | 371 |
// Now that we know the session is valid, we can delegate the request |
| 359 | 372 |
// to a particular action handler |
| 360 | 373 |
if(action.equals("query")) {
|
| ... | ... | |
| 497 | 510 |
|
| 498 | 511 |
AuthSession sess = null; |
| 499 | 512 |
String un = ((String[])params.get("username"))[0];
|
| 513 |
MetaCatUtil.debugMessage("user " + un + " try to login", 20);
|
|
| 500 | 514 |
String pw = ((String[])params.get("password"))[0];
|
| 501 | 515 |
String action = ((String[])params.get("action"))[0];
|
| 502 | 516 |
String qformat = ((String[])params.get("qformat"))[0];
|
| ... | ... | |
| 510 | 524 |
return; |
| 511 | 525 |
} |
| 512 | 526 |
boolean isValid = sess.authenticate(request, un, pw); |
| 527 |
|
|
| 528 |
//if it is authernticate is true, store the session |
|
| 529 |
if (isValid) |
|
| 530 |
{
|
|
| 531 |
HttpSession session = sess.getSessions(); |
|
| 532 |
String id = session.getId(); |
|
| 533 |
MetaCatUtil.debugMessage("Store session id " + id +
|
|
| 534 |
"which has username" + session.getAttribute("username")+
|
|
| 535 |
" into hash in login method", 35); |
|
| 536 |
sessionHash.put(id, session); |
|
| 537 |
} |
|
| 538 |
|
|
| 513 | 539 |
// format and transform the output |
| 514 | 540 |
if (qformat.equals("xml")) {
|
| 515 | 541 |
response.setContentType("text/xml");
|
| ... | ... | |
| 543 | 569 |
|
| 544 | 570 |
// close the connection |
| 545 | 571 |
HttpSession sess = request.getSession(false); |
| 546 |
if (sess != null) { sess.invalidate(); }
|
|
| 572 |
MetaCatUtil.debugMessage("After get session in logout request", 40);
|
|
| 573 |
if (sess != null) |
|
| 574 |
{
|
|
| 575 |
MetaCatUtil.debugMessage("The session id " + sess.getId() +
|
|
| 576 |
" will be invalidate in logout action", 30); |
|
| 577 |
MetaCatUtil.debugMessage("The session contains user " +
|
|
| 578 |
sess.getAttribute("username") +
|
|
| 579 |
" will be invalidate in logout action", 30); |
|
| 580 |
sess.invalidate(); |
|
| 581 |
} |
|
| 547 | 582 |
|
| 548 | 583 |
// produce output |
| 549 | 584 |
StringBuffer output = new StringBuffer(); |
| src/edu/ucsb/nceas/metacat/EmlSAXHandler.java | ||
|---|---|---|
| 140 | 140 |
// Get the unchangable subtrees (user doesn't have write permission) |
| 141 | 141 |
try |
| 142 | 142 |
{
|
| 143 |
PermissionController control = new PermissionController(docid); |
|
| 143 |
PermissionController control = new PermissionController(docid+ |
|
| 144 |
MetaCatUtil.getOption("accNumSeparator")+revision);
|
|
| 144 | 145 |
//unChangableSubTreeHash = getUnchangableSubTree(control, user, groups); |
| 145 | 146 |
|
| 146 | 147 |
|
| src/edu/ucsb/nceas/metacat/PermissionController.java | ||
|---|---|---|
| 52 | 52 |
public PermissionController(String myDocid) throws McdbException |
| 53 | 53 |
{
|
| 54 | 54 |
// Get rid of rev number |
| 55 |
docId = MetaCatUtil.getDocIdFromString(myDocid);
|
|
| 55 |
docId = MetaCatUtil.getSmartDocId(myDocid);
|
|
| 56 | 56 |
hasSubTreeAccessControl = checkSubTreeAccessControl(); |
| 57 | 57 |
} |
| 58 | 58 |
|
| ... | ... | |
| 523 | 523 |
serialNumber=conn.getCheckOutSerialNumber(); |
| 524 | 524 |
pStmt = conn.prepareStatement( |
| 525 | 525 |
"SELECT 'x' FROM xml_documents " + |
| 526 |
"WHERE docid = ? AND user_owner = ?");
|
|
| 526 |
"WHERE docid = ? AND lower(user_owner) = ?");
|
|
| 527 | 527 |
//check every element in the string array too see if it conatains |
| 528 | 528 |
//the owner of document |
| 529 | 529 |
for (int i=0; i<lengthOfArray; i++) |
| ... | ... | |
| 532 | 532 |
// Bind the values to the query |
| 533 | 533 |
pStmt.setString(1, docId); |
| 534 | 534 |
pStmt.setString(2, principals[i]); |
| 535 |
MetaCatUtil.debugMessage("the principle stack is : " +
|
|
| 536 |
principals[i], 40); |
|
| 535 | 537 |
|
| 536 | 538 |
pStmt.execute(); |
| 537 | 539 |
ResultSet rs = pStmt.getResultSet(); |
| ... | ... | |
| 539 | 541 |
if (hasRow) |
| 540 | 542 |
{
|
| 541 | 543 |
pStmt.close(); |
| 544 |
MetaCatUtil.debugMessage("find the owner", 40);
|
|
| 542 | 545 |
return true; |
| 543 | 546 |
}//if |
| 544 | 547 |
|
| ... | ... | |
| 588 | 591 |
//top level |
| 589 | 592 |
topLever = true; |
| 590 | 593 |
sql = "SELECT perm_order FROM xml_access " + |
| 591 |
"WHERE principal_name= ? AND docid = ? AND startnodeid is NULL";
|
|
| 594 |
"WHERE lower(principal_name) = ? AND docid = ? AND startnodeid is NULL";
|
|
| 592 | 595 |
} |
| 593 | 596 |
else |
| 594 | 597 |
{
|
| 595 | 598 |
//sub tree level |
| 596 | 599 |
sql = "SELECT perm_order FROM xml_access " + |
| 597 |
"WHERE principal_name= ? AND docid = ? AND startnodeid = ?";
|
|
| 600 |
"WHERE lower(principal_name)= ? AND docid = ? AND startnodeid = ?";
|
|
| 598 | 601 |
} |
| 599 | 602 |
|
| 600 | 603 |
try |
| ... | ... | |
| 693 | 696 |
// for toplevel |
| 694 | 697 |
topLever = true; |
| 695 | 698 |
sql = "SELECT permission FROM xml_access WHERE docid = ? " + |
| 696 |
"AND principal_name = ? AND perm_type = ? AND startnodeid is NULL";
|
|
| 699 |
"AND lower(principal_name) = ? AND perm_type = ? AND startnodeid is NULL";
|
|
| 697 | 700 |
} |
| 698 | 701 |
else |
| 699 | 702 |
{
|
| 700 | 703 |
topLever =false; |
| 701 | 704 |
sql = "SELECT permission FROM xml_access WHERE docid = ? " + |
| 702 |
"AND principal_name = ? AND perm_type = ? AND startnodeid = ?";
|
|
| 705 |
"AND lower(principal_name) = ? AND perm_type = ? AND startnodeid = ?";
|
|
| 703 | 706 |
} |
| 704 | 707 |
try |
| 705 | 708 |
{
|
| ... | ... | |
| 792 | 795 |
{
|
| 793 | 796 |
topLevel = true; |
| 794 | 797 |
sql = "SELECT permission FROM xml_access WHERE docid = ? " + |
| 795 |
"AND principal_name = ? AND perm_type = ? AND startnodeid is NULL";
|
|
| 798 |
"AND lower(principal_name) = ? AND perm_type = ? AND startnodeid is NULL";
|
|
| 796 | 799 |
} |
| 797 | 800 |
else |
| 798 | 801 |
{
|
| 799 | 802 |
topLevel = false; |
| 800 | 803 |
sql = "SELECT permission FROM xml_access WHERE docid = ? " + |
| 801 |
"AND principal_name = ? AND perm_type = ? AND startnodeid = ?";
|
|
| 804 |
"AND lower(principal_name) = ? AND perm_type = ? AND startnodeid = ?";
|
|
| 802 | 805 |
} |
| 803 | 806 |
|
| 804 | 807 |
try |
| ... | ... | |
| 878 | 881 |
lengthOfPackage=(groups.length)+2; |
| 879 | 882 |
usersPackage=new String [lengthOfPackage]; |
| 880 | 883 |
//the first two elements is user self and public |
| 881 |
usersPackage[0]=user; |
|
| 884 |
//in order to ignore case sensitive, we transfer user to lower case |
|
| 885 |
if (user != null) |
|
| 886 |
{
|
|
| 887 |
usersPackage[0]= user.toLowerCase(); |
|
| 888 |
MetaCatUtil.debugMessage("after transfer to lower case(not null): "+
|
|
| 889 |
usersPackage[0], 45); |
|
| 890 |
} |
|
| 891 |
else |
|
| 892 |
{
|
|
| 893 |
usersPackage[0] = user; |
|
| 894 |
usersPackage[0]= user.toLowerCase(); |
|
| 895 |
MetaCatUtil.debugMessage("after transfer to lower case(null): "+
|
|
| 896 |
usersPackage[0], 45); |
|
| 897 |
} |
|
| 882 | 898 |
usersPackage[1]=AccessControlInterface.PUBLIC; |
| 883 | 899 |
//put groups element from index 0 to lengthOfPackage-3 into userPackage |
| 884 | 900 |
//from index 2 to lengthOfPackage-1 |
| 885 | 901 |
for (int i=2; i<lengthOfPackage; i++) |
| 886 | 902 |
{
|
| 887 |
usersPackage[i]=groups[i-2]; |
|
| 903 |
//tansfer group to lower case too |
|
| 904 |
if (groups[i-2] != null) |
|
| 905 |
{
|
|
| 906 |
usersPackage[i]=groups[i-2].toLowerCase(); |
|
| 907 |
} |
|
| 888 | 908 |
} //for |
| 889 | 909 |
}//if user!=public |
| 890 | 910 |
else//use=public |
| ... | ... | |
| 897 | 917 |
//from index 1 to lengthOfPackage-1 |
| 898 | 918 |
for (int i=1; i<lengthOfPackage; i++) |
| 899 | 919 |
{
|
| 900 |
usersPackage[i]=groups[i-1]; |
|
| 920 |
if (groups[i-1] != null) |
|
| 921 |
{
|
|
| 922 |
usersPackage[i]=groups[i-1].toLowerCase(); |
|
| 923 |
} |
|
| 901 | 924 |
} //for |
| 902 | 925 |
}//else user=public |
| 903 | 926 |
|
| ... | ... | |
| 910 | 933 |
{
|
| 911 | 934 |
lengthOfPackage=2; |
| 912 | 935 |
usersPackage=new String [lengthOfPackage]; |
| 913 |
usersPackage[0]=user; |
|
| 936 |
if (user != null) |
|
| 937 |
{
|
|
| 938 |
usersPackage[0]=user.toLowerCase(); |
|
| 939 |
} |
|
| 940 |
else |
|
| 941 |
{
|
|
| 942 |
usersPackage[0]=user; |
|
| 943 |
} |
|
| 914 | 944 |
usersPackage[1]=AccessControlInterface.PUBLIC; |
| 915 | 945 |
}//if user!=public |
| 916 | 946 |
else //user==public |
| ... | ... | |
| 976 | 1006 |
return dataSetId; |
| 977 | 1007 |
}//getDataPackageId() |
| 978 | 1008 |
|
| 979 |
/** |
|
| 980 |
* To create a part of query: "docid like '" +str1+ "', " +"docid like '" |
|
| 981 |
* +str2+"'" ... We need to check user, group and public together for the |
|
| 982 |
* permission. So we need the principal in an array and according the array |
|
| 983 |
* to create a part of query which will be used in other methods |
|
| 984 |
* @param principals, a string array storing the username, groups name and |
|
| 985 |
* public. |
|
| 986 |
*/ |
|
| 987 |
private String partQueryAboutDocId( String [] principals) |
|
| 988 |
{
|
|
| 989 |
String partQuery=""; |
|
| 990 |
int lengthOfArray=principals.length; |
|
| 991 |
|
|
| 992 |
for (int i=0;i<(lengthOfArray-1);i++) |
|
| 993 |
{
|
|
| 994 |
partQuery=partQuery+"docid like '"+principals[i]+"',"; |
|
| 995 |
} |
|
| 996 |
|
|
| 997 |
//the last one dosen't has "'" |
|
| 998 |
partQuery=partQuery+"docid like '"+principals[(lengthOfArray-1)]+"'"; |
|
| 999 |
return partQuery; |
|
| 1000 |
|
|
| 1001 |
} |
|
| 1009 |
|
|
| 1002 | 1010 |
} |
| src/edu/ucsb/nceas/metacat/DocumentImpl.java | ||
|---|---|---|
| 409 | 409 |
dbconn=DBConnectionPool. |
| 410 | 410 |
getDBConnection("DocumentImpl.registerDocumentInReplication");
|
| 411 | 411 |
serialNumber=dbconn.getCheckOutSerialNumber(); |
| 412 |
String docIdWithoutRev=MetaCatUtil.getDocIdFromString(accnum);
|
|
| 413 |
int userSpecifyRev=MetaCatUtil.getVersionFromString(accnum);
|
|
| 412 |
String docIdWithoutRev=MetaCatUtil.getDocIdFromAccessionNumber(accnum);
|
|
| 413 |
int userSpecifyRev=MetaCatUtil.getRevisionFromAccessionNumber(accnum);
|
|
| 414 | 414 |
int revInDataBase=getLatestRevisionNumber(docIdWithoutRev); |
| 415 | 415 |
//revIndataBase=-1, there is no record in xml_documents table |
| 416 | 416 |
//the data file is a new one, inert it into table |
| 417 | 417 |
//user specified rev should be great than 0 |
| 418 |
if (revInDataBase==-1 && userSpecifyRev>0 ) |
|
| 418 |
if (revInDataBase==-1 && userSpecifyRev>=0 )
|
|
| 419 | 419 |
{
|
| 420 | 420 |
|
| 421 | 421 |
ac = new AccessionNumber(accnum, "insert"); |
| ... | ... | |
| 1590 | 1590 |
|
| 1591 | 1591 |
// Save the old document publicaccessentry in a backup table |
| 1592 | 1592 |
DocumentImpl.archiveDocRevision(connection, docid, user ); |
| 1593 |
MetaCatUtil.debugMessage("after archiveDoc", 40);
|
|
| 1593 | 1594 |
DocumentImpl thisdoc = new DocumentImpl(docid, false); |
| 1594 | 1595 |
int thisrev = thisdoc.getRev(); |
| 1595 |
|
|
| 1596 |
MetaCatUtil.debugMessage("this revsion is: "+thisrev, 40);
|
|
| 1596 | 1597 |
//if the updated vesion is not greater than current one, |
| 1597 | 1598 |
//throw it into a exception |
| 1598 | 1599 |
if (Integer.parseInt(updatedVersion)<=thisrev) |
| ... | ... | |
| 1605 | 1606 |
//set the user specified revision |
| 1606 | 1607 |
thisrev=Integer.parseInt(updatedVersion); |
| 1607 | 1608 |
} |
| 1608 |
|
|
| 1609 |
MetaCatUtil.debugMessage("final revsion is: "+thisrev, 40);
|
|
| 1610 |
MetaCatUtil.debugMessage("before delete", 40);
|
|
| 1609 | 1611 |
// Delete index for the old version of docid |
| 1610 | 1612 |
// The new index is inserting on the next calls to DBSAXNode |
| 1611 | 1613 |
pstmt = connection.prepareStatement( |
| 1612 | 1614 |
"DELETE FROM xml_index WHERE docid='" + this.docid + "'"); |
| 1615 |
MetaCatUtil.debugMessage("after delete", 40);
|
|
| 1613 | 1616 |
// Increase dbconnection usage count |
| 1614 | 1617 |
connection.increaseUsageCount(1); |
| 1615 | 1618 |
|
| ... | ... | |
| 1746 | 1749 |
char istreamChar; |
| 1747 | 1750 |
|
| 1748 | 1751 |
// check for 'write' permission for 'user' to update this document |
| 1749 |
if ( !hasWritePermission(user, groups, docid) ) {
|
|
| 1752 |
if ( !hasWritePermission(user, groups, accnum) ) {
|
|
| 1750 | 1753 |
throw new Exception("User " + user +
|
| 1751 | 1754 |
" does not have permission to update XML Document #" + accnum); |
| 1752 | 1755 |
} |
| ... | ... | |
| 1832 | 1835 |
if ( action.equals("UPDATE") ) {
|
| 1833 | 1836 |
// check for 'write' permission for 'user' to update this document |
| 1834 | 1837 |
|
| 1835 |
if ( !hasWritePermission(user, groups, docid) ) {
|
|
| 1838 |
if ( !hasWritePermission(user, groups, accnum) ) {
|
|
| 1836 | 1839 |
throw new Exception("User " + user +
|
| 1837 | 1840 |
" does not have permission to update XML Document #" + accnum); |
| 1838 | 1841 |
} |
| ... | ... | |
| 1908 | 1911 |
String ruleBase, boolean needValidation) |
| 1909 | 1912 |
throws Exception |
| 1910 | 1913 |
{
|
| 1914 |
MetaCatUtil.debugMessage("user in replication"+ user, 30);
|
|
| 1911 | 1915 |
// Docid without revision |
| 1912 |
String docid=MetaCatUtil.getDocIdFromString(accnum);
|
|
| 1916 |
String docid=MetaCatUtil.getDocIdFromAccessionNumber(accnum);
|
|
| 1913 | 1917 |
// Revision specified by user (int) |
| 1914 |
int userSpecifyRev=MetaCatUtil.getVersionFromString(accnum); |
|
| 1918 |
int userSpecifyRev=MetaCatUtil.getRevisionFromAccessionNumber(accnum); |
|
| 1919 |
MetaCatUtil.debugMessage("The user specifyRev: " + userSpecifyRev, 30);
|
|
| 1915 | 1920 |
// Revision for this docid in current database |
| 1916 | 1921 |
int revInDataBase=getLatestRevisionNumber(docid); |
| 1922 |
MetaCatUtil.debugMessage("The rev in data base: "+revInDataBase, 30);
|
|
| 1917 | 1923 |
// String to store the revision |
| 1918 | 1924 |
String rev = null; |
| 1919 | 1925 |
|
| ... | ... | |
| 1930 | 1936 |
} |
| 1931 | 1937 |
//rev is greater the last revsion number and revInDataBase isn't -1 |
| 1932 | 1938 |
// it is a updated file |
| 1933 |
else if (userSpecifyRev>revInDataBase && revInDataBase>0) |
|
| 1939 |
else if (userSpecifyRev>revInDataBase && revInDataBase>=0)
|
|
| 1934 | 1940 |
{
|
| 1935 | 1941 |
// rev equals user specified |
| 1936 | 1942 |
rev=(new Integer(userSpecifyRev)).toString(); |
| ... | ... | |
| 2183 | 2189 |
|
| 2184 | 2190 |
MetaCatUtil.debugMessage("Start deleting doc "+docid+ "...", 20);
|
| 2185 | 2191 |
// check for 'write' permission for 'user' to delete this document |
| 2186 |
if ( !hasWritePermission(user, groups, docid) ) {
|
|
| 2192 |
if ( !hasWritePermission(user, groups, accnum) ) {
|
|
| 2187 | 2193 |
throw new Exception("User " + user +
|
| 2188 | 2194 |
" does not have permission to delete XML Document #" + accnum); |
| 2189 | 2195 |
} |
Also available in: Unified diff
Fixed the bug for sessionid storing, revision couldn't be zero and Ldap DN is case sensitive.