Revision 5072
Added by daigle over 14 years ago
DocumentUtil.java | ||
---|---|---|
26 | 26 |
|
27 | 27 |
package edu.ucsb.nceas.metacat.util; |
28 | 28 |
|
29 |
import java.io.PrintWriter; |
|
30 |
import java.sql.SQLException; |
|
31 |
import java.util.Hashtable; |
|
29 | 32 |
import java.util.Stack; |
30 | 33 |
import java.util.Vector; |
31 | 34 |
|
35 |
import javax.servlet.http.HttpServletRequest; |
|
36 |
import javax.servlet.http.HttpServletResponse; |
|
37 |
|
|
32 | 38 |
import org.apache.log4j.Logger; |
33 | 39 |
|
34 | 40 |
import edu.ucsb.nceas.dbadapter.AbstractDatabase; |
35 | 41 |
import edu.ucsb.nceas.metacat.DBSAXHandler; |
42 |
import edu.ucsb.nceas.metacat.McdbException; |
|
36 | 43 |
import edu.ucsb.nceas.metacat.NodeRecord; |
44 |
import edu.ucsb.nceas.metacat.PermissionController; |
|
37 | 45 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
46 |
import edu.ucsb.nceas.metacat.service.SessionService; |
|
47 |
import edu.ucsb.nceas.metacat.shared.MetacatUtilException; |
|
48 |
import edu.ucsb.nceas.metacat.util.SessionData; |
|
38 | 49 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException; |
50 |
import edu.ucsb.nceas.utilities.ParseLSIDException; |
|
51 |
import edu.ucsb.nceas.utilities.LSIDUtil; |
|
39 | 52 |
|
40 | 53 |
/** |
41 | 54 |
* A suite of utility classes for the metadata catalog server |
... | ... | |
409 | 422 |
} |
410 | 423 |
return result; |
411 | 424 |
} |
425 |
|
|
426 |
public static void isAuthorized(PrintWriter out, Hashtable<String,String[]> params, |
|
427 |
HttpServletRequest request, HttpServletResponse response) throws MetacatUtilException { |
|
428 |
|
|
429 |
String resourceLsid; |
|
430 |
String[] resourceLsids = params.get("resourceLsid"); |
|
431 |
if (resourceLsids == null) { |
|
432 |
throw new MetacatUtilException("DocumentUtil.isAuthorized - " + |
|
433 |
"resourceLsid parameter cannot be null."); |
|
434 |
} |
|
435 |
resourceLsid = resourceLsids[0]; |
|
436 |
|
|
437 |
String permission; |
|
438 |
String[] permissions = params.get("permission"); |
|
439 |
if (permissions == null) { |
|
440 |
throw new MetacatUtilException("DocumentUtil.isAuthorized - " + |
|
441 |
"permission parameter cannot be null."); |
|
442 |
} |
|
443 |
permission = permissions[0]; |
|
444 |
|
|
445 |
String sessionId; |
|
446 |
String[] sessionIds = params.get("sessionId"); |
|
447 |
if (sessionIds == null) { |
|
448 |
throw new MetacatUtilException("DocumentUtil.isAuthorized - " + |
|
449 |
"sessionId parameter cannot be null."); |
|
450 |
} |
|
451 |
sessionId = sessionIds[0]; |
|
452 |
|
|
453 |
String isAuthorized = "false"; |
|
454 |
String message = ""; |
|
455 |
|
|
456 |
String result = "<resourceAuthorization>"; |
|
457 |
result += "<resourceId>" + resourceLsid + "</resourceId>"; |
|
458 |
result += "<permission>" + permission + "</permission>"; |
|
459 |
result += "<sessionId>" + sessionId + "</sessionId>"; |
|
412 | 460 |
|
461 |
if (!SessionService.isSessionRegistered(sessionId)) { |
|
462 |
message = "Session is not logged in"; |
|
463 |
} else { |
|
464 |
SessionData sessionData = SessionService.getRegisteredSession(sessionId); |
|
465 |
|
|
466 |
String docId = null; |
|
467 |
try { |
|
468 |
docId = LSIDUtil.getDocId(resourceLsid, true); |
|
469 |
PermissionController pc = new PermissionController(docId); |
|
470 |
if (pc.hasPermission(sessionData.getUserName(), sessionData.getGroupNames(), permission)) { |
|
471 |
isAuthorized = "true"; |
|
472 |
message = " docid: " + docId + " is authorized for session"; |
|
473 |
} |
|
474 |
} catch (ParseLSIDException ple) { |
|
475 |
message = "unparseable resource lsid: " + ple.getMessage(); |
|
476 |
} catch (McdbException me) { |
|
477 |
message = "could not create permission controller for docid: " + docId + " : " + me.getMessage(); |
|
478 |
} catch (SQLException sqle) { |
|
479 |
message = "SQL error getting permissions for docid: " + docId + " : " + sqle.getMessage(); |
|
480 |
} |
|
481 |
} |
|
482 |
|
|
483 |
result += "<isAuthorized>" + isAuthorized + "</isAuthorized>"; |
|
484 |
result += "<message>" + message + "</message>"; |
|
485 |
result += "</resourceAuthorization>"; |
|
486 |
|
|
487 |
out.write(result); |
|
488 |
} |
|
489 |
|
|
413 | 490 |
} |
Also available in: Unified diff
Add authorization functionality