/src/edu/ucsb/nceas/metacat/MetaCatServlet.java - Diff - Metacat - Ecoinformatics Redmine

« Previous | Next »

Revision 5098

Added by daigle over 14 years ago

change AccessControlForSingleFile to only be instantiated for one file. move ACL methods to AccessControlForSingleFile. Change format of access sections returned to EML 2.1.0.

     import com.oreilly.servlet.multipart.ParamPart;
     import com.oreilly.servlet.multipart.Part;
     import edu.ucsb.nceas.metacat.accesscontrol.AccessControlException;
     import edu.ucsb.nceas.metacat.accesscontrol.AccessControlForSingleFile;
     import edu.ucsb.nceas.metacat.accesscontrol.AccessControlInterface;
     import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList;
-...
     import edu.ucsb.nceas.metacat.service.ServiceService;
     import edu.ucsb.nceas.metacat.service.SessionService;
     import edu.ucsb.nceas.metacat.service.XMLSchemaService;
     import edu.ucsb.nceas.metacat.shared.ServiceException;
     import edu.ucsb.nceas.metacat.shared.BaseException;
     import edu.ucsb.nceas.metacat.shared.HandlerException;
     import edu.ucsb.nceas.metacat.shared.MetacatUtilException;
     import edu.ucsb.nceas.metacat.shared.ServiceException;
     //import edu.ucsb.nceas.metacat.shared.AccessException;
     import edu.ucsb.nceas.metacat.spatial.SpatialHarvester;
     import edu.ucsb.nceas.metacat.spatial.SpatialQuery;
     import edu.ucsb.nceas.metacat.util.AuthUtil;
-...
+            }
             try {
                 // get connection from the pool
                 dbConn = DBConnectionPool
                         .getDBConnection("MetaCatServlet.handleGetAccessControlAction");
                 serialNumber = dbConn.getCheckOutSerialNumber();
                 AccessControlList aclobj = new AccessControlList(dbConn);
                 String acltext = aclobj.getACL(docid, username, groupnames);
             	AccessControlForSingleFile acfsf = new AccessControlForSingleFile(docid);
                 String acltext = acfsf.getACL(username, groupnames, true);
                 if (qformat.equals("xml")) {
                     response.setContentType("text/xml");
                 	out.println(acltext);
-...
         private void handleSetAccessAction(PrintWriter out, Hashtable<String, String[]> params,
                 String username, HttpServletRequest request, HttpServletResponse response) {
             Logger logMetacat = Logger.getLogger(MetaCatServlet.class);
             String[] docList = null;
             String[] principalList = null;
             String[] permissionList = null;
             String[] permTypeList = null;
             String[] permOrderList = null;
             String[] qformatList = null;
             String permission = null;
             String permType = null;
             String permOrder = null;
-...
             String success = null;
             boolean isEmlPkgMember = false;
             // Get parameters
             if (params.containsKey("docid")) {
                 docList = params.get("docid");
+            }
             if (params.containsKey("principal")) {
                 principalList = params.get("principal");
+            }
             if (params.containsKey("permission")) {
                 permissionList = params.get("permission");
+            }
             if (params.containsKey("permType")) {
                 permTypeList = params.get("permType");
+            }
             if (params.containsKey("permOrder")) {
                 permOrderList = params.get("permOrder");
+            }
             String[] docList = params.get("docid");
             String[] principalList = params.get("principal");
             String[] permissionList = params.get("permission");
             String[] permTypeList = params.get("permType");
             String[] permOrderList = params.get("permOrder");
             String[] qformatList = params.get("qformat");
             String[] accessBlock = params.get("accessBlock");
             if (params.containsKey("qformat")) {
                 qformatList = params.get("qformat");
             if(accessBlock != null) {
             	if (docList == null) {
             		errorList.addElement("MetaCatServlet.handleSetAccessAction - Please check your parameter list, it should look like: "
                         + "?action=setaccess&docid=<doc_id>&accessBlock=<access_section>");
                     outputResponse(successList, errorList, out);
                     return;
+            	}
             	try {
     	            AccessControlForSingleFile accessControl =
     	            	new AccessControlForSingleFile(docList[0]);
     	            accessControl.insertPermissions(accessBlock[0]);
             	} catch(AccessControlException ace) {
             		errorList.addElement("MetaCatServlet.handleSetAccessAction - access control error when setting " +
             			"access block: " + ace.getMessage());
+            	}
             	outputResponse(successList, errorList, out);
             	return;
+            }
             // Make sure the parameter is not null
-...
                 } catch (Exception e) {
                     logMetacat.error("MetaCatServlet.handleSetAccessAction - Error in handleSetAccessAction: "
                             + e.getMessage());
                     error = "Error in set access control for document - "
                             + accessionNumber + e.getMessage();
                     error = "Error in set access control for document - " + accessionNumber + e.getMessage();
                     errorList.addElement(error);
                     continue;
+                }
                 //check if user is the owner. Only owner can do owner
                 if (username == null || owner == null || !username.equals(owner)) {
                     error = "User - " + username
                             + " does not have permission to set "
                     error = "User - " + username + " does not have permission to set "
                             + "access control for docid - " + accessionNumber;
                     errorList.addElement(error);
                     continue;
-...
                 if (isEmlPkgMember == false)
                     isEmlPkgMember = (DBUtil.findDataSetDocIdForGivenDocument(accessionNumber) != null);
                 // If docid publicid is BIN data file or other beta4, 6 package
                 // document
                 // we could not do set access control. Because we don't want
                 // inconsistent
                 // If docid publicid is BIN data file or other beta4, 6 package document
                 // we could not do set access control. Because we don't want inconsistent
                 // to its access docuemnt
                 if (publicId != null && packageSet != null
                         && packageSet.contains(publicId) && isEmlPkgMember) {
                     error = "Could not set access control to document "
                             + accessionNumber
                     error = "Could not set access control to document " + accessionNumber
                             + "because it is in a pakcage and it has a access file for it";
                     errorList.addElement(error);
                     continue;
-...
                     String principal = principalList[j];
                     try {
                         //insert permission
                         AccessControlForSingleFile accessControl = new AccessControlForSingleFile(
                                 accessionNumber, principal, permission, permType, permOrder);
                         accessControl.insertPermissions();
                         AccessControlForSingleFile accessControl =
                         	new AccessControlForSingleFile(accessionNumber);
                         accessControl.insertPermissions(principal, Long.valueOf(permission), permType, permOrder);
                     } catch (Exception ee) {
                         logMetacat.error("MetaCatServlet.handleSetAccessAction - Error inserting permission: "
                                 + ee.getMessage());

Also available in: Unified diff

Project

General

Profile

Metacat

Revision 5098

Added by daigle over 14 years ago