Project

General

Profile

« Previous | Next » 

Revision 2586

Added by Jing Tao over 18 years ago

Add code to check the if the user has permission to start or stop timed replication.

View differences:

src/edu/ucsb/nceas/metacat/MetacatReplication.java
164 164 
                             "\" accepted for server: " + server);
165 165 
        }
166 166 
      }
167 
      else
168 
      {
169 
          // start, stop, getall and servercontrol need to check
170 
          // if user is administor
171 
          HttpSession sess = request.getSession(true);
172 
          String sess_id = "";
173 
          String username = "";
174 
          String[] groupnames = {""};
175 
          Hashtable sessionHash = MetaCatServlet.getSessionHash();
176 
          if (params.containsKey("sessionid"))
177 
          {
178 
             sess_id = ((String[]) params.get("sessionid"))[0];
179 
             MetaCatUtil.debugMessage("in has sessionid "+ sess_id, 40);
180 
             if (sessionHash.containsKey(sess_id))
181 
             {
182 
                  MetaCatUtil.debugMessage("find the id " + sess_id + " in hash table", 40);
183 
                  sess = (HttpSession) sessionHash.get(sess_id);
184 
             }
185 
           }
186 
           username = (String) sess.getAttribute("username");
187 
           MetaCatUtil.debugMessage("The user name from session is: "+ username, 20);
188 
           groupnames = (String[]) sess.getAttribute("groupnames");
189 
           if (!MetaCatUtil.isAdministrator(username, groupnames))
190 
           {
191 
               PrintWriter out = response.getWriter();
192 
               out.print("<error>");
193 
               out.print("The user \"" + username +
194 
                       "\" is not authorized for this action.");
195 
               out.print("</error>");
196 
               out.close();
197 
               MetaCatUtil.debugMessage("The user \"" + username +
198 
                       "\" is not authorized for this action: " +action, 30);
199 
               replErrorLog("The user \"" + username +
200 
                       "\" is not authorized for this action: " +action);
201 
               return;
202 
           }
203
204 
      }// this is final else
167 205 
    } catch (Exception e) {
168 206 
      System.out.println("Error in MetacatReplication.handleGetOrPost: " +
169 207 
                         e.getMessage() );
170 208 
      return;
171 209 
    }
210
172 211 
    if ( action.equals("readdata") )
173 212 
    {
174 
      OutputStream out=response.getOutputStream();
213 
      OutputStream outStream = response.getOutputStream();
175 214 
      //to get the data file.
176 
      handleGetDataFileRequest(out, params, response);
177 
      out.close();
215 
      handleGetDataFileRequest(outStream, params, response);
216 
      outStream.close();
178 217 
    }
179 218 
    else if ( action.equals("forcereplicatedatafile") )
180 219 
    {

Also available in: Unified diff