Project

General

Profile

« Previous | Next » 

Revision 2333

Added by sgarg almost 20 years ago

Made changes to fix bug# 1310. Now while parsing old documents, the script checks for ACLs also.

View differences:

register-dataset.cgi
2096 2096 
    dontOccur($doc, "./pubPlace", "pubPlace");
2097 2097 
    dontOccur($doc, "./project", "project");
2098 2098
2099 
    ############ Code for checking ACL #####################
2100 
    dontOccur($doc, "//dataset/access/deny", "dataset/access/deny");
2101 

  		




  
  2102
  
    
    $results = $doc->findnodes('//dataset/access/allow');


  		




  
  2103
  
    
    if ($results->size() != 3) {


  		




  
  2104
  
    
        errMoreThanN("dataset/access/allow");


  		




  
  2105
  
    
    } else {


  		




  
  2106
  
    
	my $accessError = 0;


  		




  
  2107
  
    
        foreach $node ($results->get_nodelist) {


  		




  
  2108
  
    
            my @children = $node->childNodes;


  		




  
  2109
  
    
	    my $principal = "";


  		




  
  2110
  
    
	    my $permission = "";


  		




  
  2111
  
    
            for (my $i = 0; $i < scalar(@children); $i++) {


  		




  
  2112
  
    
                my $child = $children[$i];


  		




  
  2113
  
    
                if ($child->nodeName eq 'principal') {


  		




  
  2114
  
    
                    $principal = $child->textContent();


  		




  
  2115
  
    
                } elsif ($child->nodeName eq 'permission') {


  		




  
  2116
  
    
                    $permission = $child->textContent();


  		




  
  2117
  
    
                }


  		




  
  2118
  
    
            }


  		




  
  2119
  
    
	


  		




  
  2120
  
    
	    if ($principal eq 'public' && $permission ne 'read') { $accessError = 1; }


  		




  
  2121
  
    
	    if ($principal eq $username && $permission ne 'all') { $accessError = 2; }


  		




  
  2122
  
    
	    if ($principal ne 'public' && $principal ne $username && $permission ne 'all') { $accessError = 3; }


  		




  
  2123
  
    
	}


  		




  
  2124
  
    
 


  		




  
  2125
  
    
	if ($accessError != 0) {


  		




  
  2126
  
    
	    my $error ="The ACL for this document has been changed outside the registry. Please use Morpho to edit this document";


  		




  
  2127
  
    
            push(@errorMessages, $error."\n");


  		




  
  2128
  
    
	}     


  		




  
  2129
  
    
    }


  		




  
  2130
  
    
    ########################################################


  		




  
  2131
  
    

  		




  
  2132
  
    

  		




  2099
  2133
  
    
    dontOccur($doc, "./dataTable", "dataTable");


  		




  2100
  2134
  
    
    dontOccur($doc, "./spatialRaster", "spatialRaster");


  		




  2101
  2135
  
    
    dontOccur($doc, "./spatialVector", "spatialVector");


  		












Also available in:  Unified diff